Present Security to Executive Stakeholders

  • Buy Link or Shortcode: {j2store}262|cart{/j2store}
  • member rating overall impact (scale of 10): 10.0/10 Overall Impact
  • member rating average dollars saved: $2,000 Average $ Saved
  • member rating average days saved: 10 Average Days Saved
  • Parent Category Name: Governance, Risk & Compliance
  • Parent Category Link: /governance-risk-compliance
  • There is a disconnect between security leaders and executive stakeholders on what information is important to present.
  • Security leaders find it challenging to convey the necessary information to obtain support for security objectives.
  • Changes to the threat landscape and shifts in organizational goals exacerbate the issue, as they impact security leaders' ability to prioritize topics to be communicated.
  • Security leaders struggle to communicate the importance of security to a non-technical audience.

Our Advice

Critical Insight

Security presentations are not a one-way street. The key to a successful executive security presentation is having a goal for the presentation and ensuring that you have met your goal.

Impact and Result

  • Developing a thorough understanding of the security communication goals.
  • Understanding the importance of leveraging highly relevant and understandable data.
  • Developing and delivering presentations that will keep your audience engaged and build trust with your executive stakeholders.

Present Security to Executive Stakeholders Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Present Security to Executive Stakeholders – A step-by-step guide to communicating security effectively to obtain support from decision makers.

Use this as a guideline to assist you in presenting security to executive stakeholders.

  • Present Security to Executive Stakeholders Storyboard

2. Security Presentation Templates – A set of security presentation templates to assist you in communicating security to executive stakeholders.

The security presentation templates are a set of customizable templates for various types of security presentation including:

  • Present Security to Executive Stakeholders Templates

Infographic

Further reading

Present Security to Executive Stakeholders

Learn how to communicate security effectively to obtain support from decision makers.

Analyst Perspective

Build and deliver an effective security communication to your executive stakeholders.

Ahmad Jowhar

As a security leader, you’re tasked with various responsibilities to ensure your organization can achieve its goals while its most important assets are being protected.

However, when communicating security to executive stakeholders, challenges can arise in determining what topics are pertinent to present. Changes in the security threat landscape coupled with different business goals make identifying how to present security more challenging.

Having a communication framework for presenting security to executive stakeholders will enable you to effectively identify, develop, and deliver your communication goals while obtaining the support you need to achieve your objectives.

Ahmad Jowhar
Research Specialist, Security & Privacy

Info-Tech Research Group

Executive Summary

Your Challenge

Common Obstacles

Info-Tech’s Approach

  • Many security leaders struggle to decide what to present and how to present security to executive stakeholders.
  • Constant changes in the security threat landscape impacts a security leader’s ability to prioritize topics to be communicated.
  • There is a disconnect between security leaders and executive stakeholders on what information is important to present.
  • Security leaders struggle to communicate the importance of security to a non-technical audience.
  • Developing a thorough understanding of security communication goals.
  • Understanding the importance of leveraging highly relevant and understandable data.
  • Developing and delivering presentations that will keep your audience engaged and build trust with your executive stakeholders.

Info-Tech Insight

Security presentations are not a one-way street. The key to a successful executive security presentation is having a goal for the presentation and verifying that you have met your goal.

Your challenge

As a security leader, you need to communicate security effectively to executive stakeholders in order to obtain support for your security objectives.

  • When it comes to presenting security to executive stakeholders, many security leaders find it challenging to convey the necessary information in order to obtain support for security objectives.
  • This is attributed to various factors, such as an increase in the threat landscape, changes to industry regulations and standards, and new organizational goals that security has to align with.
  • Furthermore, with the limited time to communicate with executive stakeholders, both in frequency and duration, identifying the most important information to address can be challenging.

76% of security leaders struggle in conveying the effectiveness of a cybersecurity program.

62% find it difficult to balance the risk of too much detail and need-to-know information.

41% find it challenging to communicate effectively with a mixed technical and non-technical audience.

Source: Deloitte, 2022

Common obstacles

There is a disconnect between security leaders and executive stakeholders when it comes to the security posture of the organization:

  • Executive stakeholders are not confident that their security leaders are doing enough to mitigate security risks.
  • The issue has been amplified, with security threats constantly increasing across all industries.
  • However, security leaders don’t feel that they are in a position to make themselves heard.
  • The lack of organizational security awareness and support from cross-functional departments has made it difficult to achieve security objectives (e.g. education, investments).
  • Defining an approach to remove that disconnect with executive stakeholders is of utmost importance for security leaders, in order to improve their organization’s security posture.

9% of boards are extremely confident in their organization’s cybersecurity risk mitigation measures.

77% of organizations have seen an increase in the number of attacks in 2021.

56% of security leaders claimed their team is not involved when leadership makes urgent security decisions.

Source: EY, 2021
The image contains a screenshot of an Info-Tech Thoughtmodel titled: Presenting Security to Executive Stakeholders.

Info-Tech’s methodology for presenting security to executive stakeholders

1. Identify communication goals

2. Collect information to support goals

3. Develop communication

4. Deliver communication

Phase steps

  1. Identify drivers for communicating to executives
  2. Define your goals for communicating to executives
  1. Identify data to collect
  2. Plan how to retrieve data
  1. Plan communication
  2. Build a compelling communication document
  1. Deliver a captivating presentation
  2. Obtain/verify goals

Phase outcomes

A defined list of drivers and goals to help you develop your security presentations

A list of data sources to include in your communication

A completed communication template

A solidified understanding of how to effectively communicate security to your stakeholders

Develop a structured process for communicating security to your stakeholders

Security presentations are not a one-way street
The key to a successful executive security presentation is having a goal for the presentation and verifying that you have met your goal.

Identifying your goals is the foundation of an effective presentation
Defining your drivers and goals for communicating security will enable you to better prepare and deliver your presentation, which will help you obtain your desired outcome.

Harness the power of data
Leveraging data and analytics will help you provide quantitative-based communication, which will result in a more meaningful and effective presentation.

Take your audience on a journey
Developing a storytelling approach will help engage with your audience.

Win your audience by building a rapport
Establishing credibility and trust with executive stakeholders will enable you to obtain their support for security objectives.

Tactical insight
Conduct background research on audience members (i.e. professional background) to help understand how best to communicate with them and overcome potential objections.

Tactical insight
Verifying your objectives at the end of the communication is important, as it ensures you have successfully communicated to executive stakeholders.

Project deliverables

This blueprint is accompanied by a supporting deliverable which includes five security presentation templates.

Report on Security Initiatives
Template showing how to inform executive stakeholders of security initiatives.

Report on Security Initiatives.

Security Metrics
Template showing how to inform executive stakeholders of current security metrics that would help drive future initiatives.

Security Metrics.

Security Incident Response & Recovery
Template showing how to inform executive stakeholders of security incidents, their impact, and the response plan.

Security Incident Response & Recovery

Security Funding Request
Template showing how to inform executive stakeholders of security incidents, their impact, and the response plan.

Security Funding Request

Key template:

Security and Risk Update

Template showing how to inform executive stakeholders of proactive security and risk initiatives.

Blueprint benefits

IT/InfoSec benefits

Business benefits

  • Reduce effort and time spent preparing cybersecurity presentations for executive stakeholders by having templates to use.
  • Enable security leaders to better prepare what to present and how to present it to their executive stakeholders, as well as driving the required outcomes from those presentations.
  • Establish a best practice for communicating security and IT to executive stakeholders.
  • Gain increased awareness of cybersecurity and the impact executive stakeholders can have on improving an organization’s security posture.
  • Understand how security’s alignment with the business will enable the strategic growth of the organization.
  • Gain a better understanding of how security and IT objectives are developed and justified.

Measure the value of this blueprint

Phase

Measured Value (Yearly)

Phase 1: Identify communication goals

Cost to define drivers and goals for communicating security to executives:

16 FTE hours @ $233K* =$1,940

Phase 2: Collect information to support goals

Cost to collect and synthesize necessary data to support communication goals:

16 FTE hours @ $233K = $1,940

Phase 3: Develop communication

Cost to develop communication material that will contextualize information being shown:

16 FTE hours @ $233K = $1,940

Phase 4: Deliver communication

Potential Savings:

Total estimated effort = $5,820

Our blueprint will help you save $5,820 and over 40 FTE hours

* The financial figure depicts the annual salary of a CISO in 2022

Source: Chief Information Security Officer Salary.” Salary.com, 2022

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

Guided Implementation

“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

Workshop

“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

Consulting

“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

Diagnostics and consistent frameworks used throughout all four options

Phase 1

Identify communication goals

Phase 1 Phase 2 Phase 3 Phase 4

1.1 Identify drivers for communicating to executives

1.2 Define your goals for communicating to executives

2.1 Identify data to collect

2.2 Plan how to retrieve data

3.1 Plan communication

3.2 Build a compelling communication document

4.1 Deliver a captivating presentation

4.2 Obtain/verify support for security goals

This phase will walk you through the following activities:

  • Understanding the different drivers for communicating security to executive stakeholders
  • Identifying different communication goals

This phase involves the following participants:

  • Security leader

1.1. Identify drivers for communicating to executive stakeholders

As a security leader, you meet with executives and stakeholders with diverse backgrounds, and you aim to showcase your organization’s security posture along with its alignment with the business’ goals.

However, with the constant changes in the security threat landscape, demands and drivers for security could change. Thus, understanding potential drivers that will influence your communication will assist you in developing and delivering an effective security presentation.

39% of organizations had cybersecurity on the agenda of their board’s quarterly meeting.

Source: EY, 2021.

Info-Tech Insight

Not all security presentations are the same. Keep your communication strategy and processes agile.

Know your drivers for security presentations

By understanding the influences for your security presentations, you will be able to better plan what to present to executive stakeholders.

  • These meetings, which are usually held once per quarter, provide you with less than one hour of presentation time.
  • Hence, it is crucial to know why you need to present security and whether these drivers are similar across the other presentations.

Understanding drivers will also help you understand how to present security to executive stakeholders.

  • These drivers will shape the structure of your presentation and help determine your approach to communicating your goals.
  • For example, financial-based presentations that are driven by budget requests might create a sense of urgency or assurance about investment in a security initiative.

Identify your communication drivers, which can stem from various initiatives and programs, including:

  • Results from internal or external audit reports.
  • Upcoming budget meetings.
  • Briefing newly elected executive stakeholders on security.

When it comes to identifying your communication drivers, you can collaborate with subject matter experts, like your corporate secretary or steering committees, to ensure the material being communicated will align with some of the organizational goals.

Examples of drivers for security presentations

Audit
Upcoming internal or external audits might require updates on the organization’s compliance

Organizational restructuring
Restructuring within an organization could require security updates

Merger & Acquisition
An M&A would trigger presentations on organization’s current and future security posture

Cyber incident
A cyberattack would require an immediate presentation on its impact and the incident response plan

Ad hoc
Provide security information requested by stakeholders

1.2. Define your goals for communicating to executives

After identifying drivers for your communication, it’s important to determine what your goals are for the presentation.

  • Communication drivers are mainly triggers for why you want to present security.
  • Communication goals are the potential outcomes you are hoping to obtain from the presentation.
  • Your communication goals would help identify what data and metrics to include in your presentation, the structure of your communication deck, and how you deliver your communication to executive stakeholders.

Identifying your communication goals could require the participation of the security team, IT leadership, and other business stakeholders.

  • As a group, brainstorm the security goals that align with your business goals for the coming year.
    • Aim to have at least two business goals that align with each security goal.
  • Identify what benefits and value the executive stakeholders will gain from the security goal being presented.
    • E.g. Increased security awareness, updates on organization's security posture.
  • Identify what the ask is for this presentation.
    • E.g. Approval for increasing budget to support security initiatives, executive support to implement internal security programs.

Info-Tech Insight

There can be different reasons to communicate security to executive stakeholders. You need to understand what you want to get out of your presentation.

Examples of security presentation goals

Educate
Educate the board on security trends and/or latest risks in the industry

Update
Provide updates on security initiatives, relevant security metrics, and compliance posture

Inform
Provide an incident response plan due to a security incident or deliver updates on current threats and risks

Investment
Request funding for security investments or financial updates on past security initiatives

Ad hoc
Provide security information requested by stakeholders

Phase 2

Collect information to support goals

Phase 1Phase 2Phase 3Phase 4

1.1 Identify drivers for communicating to executives

1.2 Define your goals for communicating to executives

2.1 Identify data to collect

2.2 Plan how to retrieve data

3.1 Plan communication

3.2 Build a compelling communication document

4.1 Deliver a captivating presentation

4.2 Obtain/verify support for security goals

This phase will walk you through the following activities:

  • Understanding what types of data to include in your security presentations
  • Defining where and how to retrieve data

This phase involves the following participants:

  • Security leader
  • Network/security analyst

2.1 Identify data to collect

After identifying drivers and goals for your communication, it’s important to include the necessary data to justify the information being communicated.

  • Leveraging data and analytics will assist in providing quantitative-based communication, which will result in a more meaningful and effective presentation.
  • The data presented will showcase the visibility of an organization’s security posture along with potential risks and figures on how to mitigate those risks.
  • Providing analysis of the quantitative data presented will also showcase further insights on the figures, allow the audience to better understand the data, and show its relevance to the communication goals.

Identifying data to collect doesn’t need to be a rigorous task; you can follow these steps to help you get started:

  • Work with your security team to identify the main type of data applicable to the communication goals.
    • E.g. Financial data would be meaningful to use when communicating a budget presentation.
  • Identify supporting data linked to the main data defined.
    • E.g. If a financial investment is made to implement a security initiative, then metrics on improvements to the security posture will be relevant.
  • Show how both the main and supporting data align with the communication goals.
    • E.g. Improvement in security posture would increase alignment with regulation standards, which would result in additional contracts being awarded and increased revenue.

Info-Tech Insight

Understand how to present your information in a way that will be meaningful to your audience, for instance by quantifying security risks in financial terms.

Examples of data to present

Educate
Number of organizations in industry impacted by data breaches during past year; top threats and risks affecting the industries

Update
Degree of compliance with standards (e.g. ISO-27001); metrics on improvement of security posture due to security initiatives

Inform
Percentage of impacted clients and disrupted business functions; downtime; security risk likelihood and financial impact

Investment
Capital and operating expenditure for investment; ROI on past and future security initiatives

Ad hoc
Number of security initiatives that went over budget; phishing test campaign results

2.2 Plan how to retrieve the data

Once the data that is going to be used for the presentation has been identified, it is important to plan how the data can be retrieved, processed, and shared.

  • Most of the data leveraged for security presentations are structured data, which are highly organized data that are often stored in a relational and easily searchable database.
    • This includes security log reports or expenditures for ongoing and future security investments.
  • Retrieving the data, however, would require collaboration and cooperation from different team members.
  • You would need to work with the security team and other appropriate stakeholders to identify where the data is stored and who the data owner is.

Once the data source and owner has been identified, you need to plan how the data would be processed and leveraged for your presentation

  • This could include using queries to retrieve the relevant information needed (e.g. SQL, Microsoft Excel).
  • Verify the accuracy and relevance of the data with other stakeholders to ensure it is the most appropriate data to be presented to the executive stakeholders.

Info-Tech Insight

Using a data-driven approach to help support your objectives is key to engaging with your audience.

Plan where to retrieve the data

Identifying the relevant data sources to retrieve your data and the appropriate data owner enables efficient collaboration between departments collecting, processing, and communicating the data and graphics to the audience.

Examples of where to retrieve your data

Data Source

Data

Data Owner

Communication Goal

Audit & Compliance Reports

Percentage of controls completed to be certified with ISO 27001; Number of security threats & risks identified.

Audit Manager;

Compliance Manager;

Security Leader

Ad hoc, Educate, Inform

Identity & Access Management (IAM) Applications

Number of privileged accounts/department; Percentage of user accounts with MFA applied

Network/Security Analyst

Ad hoc, Inform, Update

Security Information & Event Management (SIEM)

Number of attacks detected and blocked before & after implementing endpoint security; Percentage of firewall rules that triggered a false positive

Network/Security Analyst

Ad hoc, Inform, Update

Vulnerability Management Applications

Percentage of critical vulnerabilities patched; Number of endpoints encrypted

Network/Security Analyst

Ad hoc, Inform, Update

Financial & Accounting Software

Capital & operating expenditure for future security investments; Return on investment (ROI) on past and current security investments

Financial and/or Accounting Manager

Ad hoc, Educate, Investments

Phase 3

Develop communication

Phase 1Phase 2Phase 3Phase 4

1.1 Identify drivers for communicating to executives

1.2 Define your goals for communicating to executives

2.1 Identify data to collect

2.2 Plan how to retrieve data

3.1 Plan communication

3.2 Build a compelling communication document

4.1 Deliver a captivating presentation

4.2 Obtain/verify support for security goals

This phase will walk you through the following activities:

  • Identifying a communication strategy for presenting security
  • Identifying security templates that are applicable to your presentation

This phase involves the following participants:

  • Security leader

3.1 Plan communication: Know who your audience is

  • When preparing your communication, it's important to understand who your target audience is and to conduct background research on them.
  • This will help develop your communication style and ensure your presentation caters to the expected audience in the room.

Examples of two profiles in a boardroom

Formal board of directors

The executive team

  • In the private sector, this will include an appointed board of shareholders and subcommittees external to the organization.
  • In the public sector, this can include councils, commissions, or the executive team itself.
  • In government, this can include mayors, ministers, and governors.
  • The board’s overall responsibility is governance.
  • This audience will include your boss and your peers internal to the organization.
  • This category is primarily involved in the day-to-day operations of the organization and is responsible for carrying out the strategic direction set by the board.
  • The executive team’s overall responsibility is operations.

3.1.1 Know what your audience cares about

  • Understanding what your executive stakeholders value will equip you with the right information to include in your presentations.
  • Ensure you conduct background research on your audience to assist you in knowing what their potential interests are.
  • Your background research could include:
    • Researching the audience’s professional background through LinkedIn.
    • Reviewing their comments from past executive meetings.
    • Researching current security trends that align with organizational goals.
  • Once the values and risks have been identified, you can document them in notes and share the notes with subject matter experts to verify if these values and risks should be shared in the coming meetings.

A board’s purpose can include the following:

  • Sustaining and expanding the organization’s purpose and ability to execute in a competitive market.
  • Determining and funding the organization’s future and direction.
  • Protecting and increasing shareholder value.
  • Protecting the company’s exposure to risks.

Examples of potential values and risks

  • Business impact
  • Financial impact
  • Security and incidents

Info-Tech Insight
Conduct background research on audience members (e.g. professional background on LinkedIn) to help understand how best to communicate to them and overcome potential objections.

Understand your audience’s concerns

  • Along with knowing what your audience values and cares about, understanding their main concerns will allow you to address those items or align them with your communication.
  • By treating your executive stakeholders as your project sponsors, you would build a level of trust and confidence with your peers as the first step to tackling their concerns.
  • These concerns can be derived from past stakeholder meetings, recent trends in the industry, or strategic business alignments.
  • After capturing their concerns, you’ll be equipped with the necessary understanding on what material to include and prioritize during your presentations.

Examples of potential concerns for each profile of executive stakeholders

Formal board of directors

The executive team

  • Business impact (What is the impact of IT in solving business challenges?)
  • Investments (How will it impact organization’s finances and efficiency?)
  • Cybersecurity and risk (What are the top cybersecurity risks, and how is IT mitigating those risks to the business?)
  • Business alignment (How do IT priorities align to the business strategy and goals?)
  • IT operational efficiency (How is IT set up for success with foundational elements of IT’s operational strategy?)
  • Innovation & transformation priorities (How is IT enabling the organization’s competitive advantage and supporting transformation efforts as a strategic business partner?)

Build your presentation to tackle their main concerns

Your presentation should be well-rounded and compelling when it addresses the board’s main concerns about security.

Checklist:

  • Research your target audience (their backgrounds, board composition, dynamics, executive team vs. external group).
  • Include value and risk language in your presentation to appeal to your audience.
  • Ensure your content focuses on one or more of the board’s main concerns with security (e.g. business impact, investments, or risk).
  • Include information about what is in it for them and the organization.
  • Research your board’s composition and skillsets to determine their level of technical knowledge and expertise. This helps craft your presentation with the right amount of technology vs. business-facing information.

Info-Tech Insight
The executive stakeholder’s main concerns will always boil down to one important outcome: providing a level of confidence to do business through IT products, services, and systems – including security.

3.1.2 Take your audience through a security journey

  • Once you have defined your intended target and their potential concerns, developing the communication through a storytelling approach will be the next step to help build a compelling presentation.
  • You need to help your executive stakeholders make sense of the information being conveyed and allow them to understand the importance of cybersecurity.
  • Taking your audience through a story will allow them to see the value of the information being presented and better resonate with its message.
  • You can derive insights for your storytelling presentation by doing the following:
    • Provide a business case scenario on the topic you are presenting.
    • Identify and communicate the business problem up front and answer the three questions (why, what, how).
    • Quantify the problems in terms of business impact (money, risk, value).

Info-Tech Insight
Developing a storytelling approach will help keep your audience engaged and allow the information to resonate with them, which will add further value to the communication.

Identify the purpose of your presentation

You should be clear about your bottom line and the intent behind your presentation. However, regardless of your bottom line, your presentation must focus on what business problems you are solving and why security can assist in solving the problem.

Examples of communication goals

To inform or educate

To reach a decision

  • In this presentation type, it is easy for IT leaders to overwhelm a board with excessive or irrelevant information.
  • Focus your content on the business problem and the solution proposed.
  • Refrain from too much detail about the technology – focus on business impact and risk mitigated. Ask for feedback if applicable.
  • In this presentation type, there is a clear ask and an action required from the board of directors.
  • Be clear about what this decision is. Once again, don’t lead with the technology solution: Start with the business problem you are solving, and only talk about technology as the solution if time permits.
  • Ensure you know who votes and how to garner their support.

Info-Tech Insight
Nobody likes surprises. Communicate early and often. The board should be pre-briefed, especially if it is a difficult subject. This also ensures you have support when you deliver a difficult message.

Gather the right information to include in your boardroom presentation

Once you understand your target audience, it’s important to tailor your presentation material to what they will care about.

Typical IT boardroom presentations include:

  • Communicating the value of ongoing business technology initiatives.
  • Requesting funds or approval for a business initiative that IT is spearheading.
  • Security incident response/Risk/DRP.
  • Developing a business program or an investment update for an ongoing program.
  • Business technology strategy highlights and impacts.
  • Digital transformation initiatives (value, ROI, risk).

Info-Tech Insight
You must always have a clear goal or objective for delivering a presentation in front of your board of directors. What is the purpose of your board presentation? Identify your objective and outcome up front and tailor your presentation’s story and contents to fit this purpose.

Info-Tech Insight
Telling a good story is not about the message you want to deliver but the one the executive stakeholders want to hear. Articulate what you want them to think and what you want them to take away, and be explicit about it in your presentation. Make your story logically flow by identifying the business problem, complication, the solution, and how to close the gap. Most importantly, communicate the business impacts the board will care about.

Structure your presentation to tell a logical story

To build a strong story for your presentation, ensure you answer these three questions:

WHY

Why is this a business issue, or why should the executive stakeholders care?

WHAT

What is the impact of solving the problem and driving value for the company?

HOW

How will we leverage our resources (technology, finances) to solve the problem?

Examples:

Scenario 1: The company has experienced a security incident.

Intent: To inform/educate the board about the security incident.

WHY

The data breach has resulted in a loss of customer confidence, negative brand impact, and a reduction in revenue of 30%.

WHAT

Financial, legal, and reputational risks identified, and mitigation strategies implemented. IT is working with the PR team on communications. Incident management playbook executed.

HOW

An analysis of vulnerabilities was conducted and steps to address are in effect. Recovery steps are 90% completed. Incident management program reviewed for future incidents.

Scenario 2: Security is recommending investments based on strategic priorities.

Intent: To reach a decision with the board – approve investment proposal.

WHY

The new security strategy outlines two key initiatives to improve an organization’s security culture and overall risk posture.

WHAT

Security proposed an investment to implement a security training & phishing test campaign, which will assist in reducing data breach risks.

HOW

Use 5% of security’s budget to implement security training and phishing test campaigns.

Time plays a key role in delivering an effective presentation

What you include in your story will often depend on how much time you have available to deliver the message.

Consider the following:

  • Presenting to executive stakeholders often means you have a short window of time to deliver your message. The average executive stakeholder presentation is 15 minutes, and this could be cut short due to other unexpected factors.
  • If your presentation is too long, you risk overwhelming or losing your audience. You must factor in the time constraints when building your board presentation.
  • Your executive stakeholders have a wealth of experience and knowledge, which means they could jump to conclusions quickly based on their own experiences. Ensure you give them plenty of background information in advance. Provide your presentation material, a brief, or any other supporting documentation before the meeting to show you are well prepared.
  • Be prepared to have deep conversations about the topic, but respect that the executive stakeholders might not be interested in hearing the tactical information. Build an elevator pitch, a one-pager, back-up slides that support your ask and the story, and be prepared to answer questions within your allotted presentation time to dive deeper.

Navigating through Q&A

Use the Q&A portion to build credibility with the board.

  • It is always better to say, “I’m not certain about the answer but will follow up,” than to provide false or inaccurate information on the spot.
  • When asked challenging or irrelevant questions, ensure you have an approach to deflect them. Questions can often be out of scope or difficult to answer in a group. Find what works for you to successfully navigate through these questions:
    • “Let’s work with the sub-committee to find you an answer.”
    • “Let’s take that offline to address in more detail.”
    • “I have some follow-up material I can provide you to discuss that further after our meeting.”
  • And ensure you follow up! Make sure to follow through on your promise to provide information or answers after the meeting. This helps build trust and credibility with the board.

Info-Tech Insight
The average board presentation is 15 minutes long. Build no more than three or four slides of content to identify the business problem, the business impacts, and the solution. Leave five minutes for questions at the end, and be prepared with back-up slides to support your answers.

Storytelling checklist

Checklist:

  • Tailor your presentation based on how much time you have.
  • Find out ahead of time how much time you have.
  • Identify if your presentation is to inform/educate or reach a decision.
  • Identify and communicate the business problem up front and answer the three questions (why, what, how).
  • Express the problem in terms of business impact (risk, value, money).
  • Prepare and send pre-meeting collateral to the members of the board and executive team.
  • Include no more than 5-6 slides for your presentation.
  • Factor in Q&A time at the end of your presentation window.
  • Articulate what you want them to think and what you want them to take away – put it right up front and remind them at the end.
  • Have an elevator speech handy – one or two sentences and a one-pager version of your story.
  • Consider how you will build your relationship with the members outside the boardroom.

3.1.3 Build a compelling communication document

Once you’ve identified your communication goals, data, and plan to present to your stakeholders, it’s important to build the compelling communication document that will attract all audiences.

A good slide design increases the likelihood that the audience will read the content carefully.

  • Bad slide structure (flow) = Audience loses focus
    • You can have great content on a slide, but if a busy audience gets confused, they’ll just close the file or lose focus. Structure encompasses horizontal and vertical logic.
  • Good visual design = Audience might read more
    • Readers will probably skim the slides first. If the slides look ugly, they will already have a negative impression. If the slides are visually appealing, they will be more inclined to read carefully. They may even use some slides to show others.
  • Good content + Good structure + Visual appeal = Good presentation
    • A presentation is like a house. Good content is the foundation of the house. Good structure keeps the house strong. Visual appeal differentiates houses.

Slide design best practices

Leverage these slide design best practices to assist you in developing eye-catching presentations.

  • Easy to read: Assume reader is tight on time. If a slide looks overwhelming, the reader will close the document.
  • Concise and clear: Fewer words = more skim-able.
  • Memorable: Use graphics and visuals or pithy quotes whenever you can do so appropriately.
  • Horizontal logic: Good horizontal logic will have slide titles that cascade into a story with no holes or gaps.
  • Vertical logic: People usually read from left to right, top to bottom, or in a Z pattern. Make sure your slide has an intuitive flow of content.
  • Aesthetics: People like looking at visually appealing slides, but make sure your attempts to create visual appeal do not detract from the content.

Your presentation must have a logical flow

Horizontal logic

Vertical logic

  • Horizontal logic should tell a story.
  • When slide titles are read in a cascading manner, they will tell a logical and smooth story.
  • Title & tagline = thesis (best insight).
  • Vertical logic should be intuitive.
  • Each step must support the title.
  • The content you intend to include within each slide is directly applicable to the slide title.
  • One main point per slide.

Vertical logic should be intuitive

The image contains a screenshot example of a bad design layout for a slide. The image contains a screenshot example of a good design layout for a slide.

The audience is unsure where to look and in what order.

The audience knows to read the heading first. Then look within the pie chart. Then look within the white boxes to the right.

Horizontal and vertical logic checklists

Horizontal logic

Vertical logic

  • List your slide titles in order and read through them.
  • Good horizontal logic should feel like a story. Incomplete horizontal logic will make you pause or frown.
  • After a self-test, get someone else to do the same exercise with you observing them.
  • Note at which points they pause or frown. Discuss how those points can be improved.
  • Now consider each slide title proposed and the content within it.
  • Identify if there is a disconnect in title vs. content.
  • If there is a disconnect, consider changing the title of the slide to appropriately reflect the content within it, or consider changing the content if the slide title is an intended path in the story.

Make it easy to read

The image contains a screenshot that demonstrates an uneasy to read slide. The image contains a screenshot that demonstrates an easy to read slide.
  • Unnecessary coloring makes it hard on the eyes
  • Margins for title at top is too small
  • Content is not skim-able (best to break up the slide)

Increase skim-ability:

  • Emphasize the subheadings
  • Bold important words

Make it easier on the eyes:

  • Declutter and add sections
  • Have more white space

Be concise and clear

  1. Write your thoughts down
    • This gets your content documented.
    • Don’t worry about clarity or concision yet.
  2. Edit for clarity
    • Make sure the key message is very clear.
    • Find your thesis statement.
  3. Edit for concision
    • Remove unnecessary words.
    • Use the active voice, not passive voice (see below for examples).

Passive voice

Active voice

“There are three things to look out for” (8 words)

“Network security was compromised by hackers” (6 words)

“Look for these three things” (5 words)

“Hackers compromised network security” (4 words)

Be memorable

The image contains a screenshot of an example that demonstrates a bad example of how to be memorable. The image contains a screenshot of an example that demonstrates a good example of how to be memorable.

Easy to read, but hard to remember the stats.

The visuals make it easier to see the size of the problem and make it much more memorable.

Remember to:

  • Have some kind of visual (e.g. graphs, icons, tables).
  • Divide the content into sections.
  • Have a bit of color on the page.

Aesthetics

The image contains a screenshot of an example of bad aesthetics. The image contains a screenshot of an example of good aesthetics.

This draft slide is just content from the outline document on a slide with no design applied yet.

  • Have some kind of visual (e.g. graphs, icons, tables) as long as it’s appropriate.
  • Divide the content into sections.
  • Have a bit of color on the page.
  • Bold or italicize important text.

Why use visuals?

How graphics affect us

Cognitively

  • Engage our imagination
  • Stimulate the brain
  • Heighten creative thinking
  • Enhance or affect emotions

Emotionally

  • Enhance comprehension
  • Increase recollection
  • Elevate communication
  • Improve retention

Visual clues

  • Help decode text
  • Attract attention
  • Increase memory

Persuasion

  • 43% more effective than text alone
Source: Management Information Systems Research Center

Presentation format

Often stakeholders prefer to receive content in a specific format. Make sure you know what you require so that you are not scrambling at the last minute.

  • Is there a standard presentation template?
  • Is a hard-copy handout required?
  • Is there a deadline for draft submission?
  • Is there a deadline for final submission?
  • Will the presentation be circulated ahead of time?
  • Do you know what technology you will be using?
  • Have you done a dry run in the meeting room?
  • Do you know the meeting organizer?

Checklist to build compelling visuals in your presentation

Leverage this checklist to ensure you are creating the perfect visuals and graphs for your presentation.

Checklist:

  • Do the visuals grab the audience’s attention?
  • Will the visuals mislead the audience/confuse them?
  • Do the visuals facilitate data comparison or highlight trends and differences in a more effective manner than words?
  • Do the visuals present information simply, cleanly, and accurately?
  • Do the visuals display the information/data in a concentrated way?
  • Do the visuals illustrate messages and themes from the accompanying text?

3.2 Security communication templates

Once you have identified your communication goals and plans for building your communication document, you can start building your presentation deck.

These presentation templates highlight different security topics depending on your communication drivers, goals, and available data.

Info-Tech has created five security templates to assist you in building a compelling presentation.

These templates provide support for presentations on the following five topics:

  • Security Initiatives
  • Security & Risk Update
  • Security Metrics
  • Security Incident Response & Recovery
  • Security Funding Request

Each template provides instructions on how to use it and tips on ensuring the right information is being presented.

All the templates are customizable, which enables you to leverage the sections you need while also editing any sections to your liking.

The image contains screenshots of the Security Presentation Templates.

Download the Security Presentation Templates

Security template example

It’s important to know that not all security presentations for an organization are alike. However, these templates would provide a guideline on what the best practices are when communicating security to executive stakeholders.

Below is an example of instructions to complete the “Security Risk & Update” template. Please note that the security template will have instructions to complete each of its sections.

The image contains a screenshot of the Executive Summary slide. The image contains a screenshot of the Security Goals & Objectives slide.

The first slide following the title slide includes a brief executive summary on what would be discussed in the presentation. This includes the main security threats that would be addressed and the associated risk mitigation strategies.

This slide depicts a holistic overview of the organization’s security posture in different areas along with the main business goals that security is aligning with. Ensure visualizations you include align with the goals highlighted.

Security template example (continued)

The image contains a screenshot example of the Top Threats & Risks. The image contains a screenshot example of the Top Threats & Risks.

This slide displays any top threats and risks an organization is facing. Each threat consists of 2-3 risks and is prioritized based on the negative impact it could have on the organization (i.e. red bar = high priority; green bar = low priority). Include risks that have been addressed in the past quarter, and showcase any prioritization changes to those risks.

This slide follows the “Top Threats & Risks” slide and focuses on the risks that had medium or high priority. You will need to work with subject matter experts to identify risk figures (likelihood, financial impact) that will enable you to quantify the risks (Likelihood x Financial Impact). Develop a threshold for each of the three columns to identify which risks require further prioritization, and apply color coding to group the risks.

Security template example (continued)

The image contains a screenshot example of the slide, Risk Analysis. The image contains a screenshot example of the slide, Risk Mitigation Strategies & Roadmap.

This slide showcases further details on the top risks along with their business impact. Be sure to include recommendations for the risks and indicate whether further action is required from the executive stakeholders.

The last slide of the “Security Risk & Update” template presents a timeline of when the different initiatives to mitigate security risks would begin. It depicts what initiatives will be completed within each fiscal year and the total number of months required. As there could be many factors to a project’s timeline, ensure you communicate to your executive stakeholders any changes to the project.

Phase 4

Deliver communication

Phase 1Phase 2Phase 3Phase 4

1.1 Identify drivers for communicating to executives

1.2 Define your goals for communicating to executives

2.1 Identify data to collect

2.2 Plan how to retrieve data

3.1 Plan communication

3.2 Build a compelling communication document

4.1 Deliver a captivating presentation

4.2 Obtain/verify support for security goals

This phase will walk you through the following activities:

  • Identifying a strategy to deliver compelling presentations
  • Ensuring you follow best practices for communicating and obtaining your security goals

This phase involves the following participants:

  • Security leader

4.1 Deliver a captivating presentation

You’ve gathered all your data, you understand what your audience is expecting, and you are clear on the outcomes you require. Now, it’s time to deliver a presentation that both engages and builds confidence.

Follow these tips to assist you in developing an engaging presentation:

  • Start strong: Give your audience confidence that this will be a good investment of their time. Establish a clear direction for what’s going to be covered and what the desired outcome is.
  • Use your time wisely: Odds are, your audience is busy, and they have many other things on their minds. Be prepared to cover your content in the time allotted and leave sufficient time for discussion and questions.
  • Be flexible while presenting: Do not expect that your presentation will follow the path you have laid out. Anticipate jumping around and spending more or less time than you had planned on a given slide.

Keep your audience engaged with these steps

  • Be ready with supporting data. Don’t make the mistake of not knowing your content intimately. Be prepared to answer questions on any part of it. Senior executives are experts at finding holes in your data.
  • Know your audience. Who are you presenting to? What are their specific expectations? Are there sensitive topics to be avoided? You can’t be too prepared when it comes to understanding your audience.
  • Keep it simple. Don’t assume that your audience wants to learn the details of your content. Most just want to understand the bottom line, the impact on them, and how they can help. More is not always better.
  • Focus on solving issues. Your audience members have many of their own problems and issues to worry about. If you show them how you can help make their lives easier, you’ll win them over.

Info-Tech Insight
Establishing credibility and trust with executive stakeholders is important to obtaining their support for security objectives.

Be honest and straightforward with your communication

  • Be prepared. Being properly prepared means not only that your update will deliver the value that you expect, but also that you will have confidence and the flexibility you require when you’re taken off track.
  • Don’t sugarcoat it. These are smart, driven people that you are presenting to. It is neither beneficial nor wise to try to fool them. Be open and transparent about problems and issues. Ask for help.
  • No surprises. An executive stakeholder presentation is not the time or the place for a surprise. Issues seen as unexpected or contentious should always be dealt with prior to the meeting with those most impacted.

Hone presentation skills before meeting with the executive stakeholders

Know your environment

Be professional but not boring

Connect with your audience

  • Your organization has standards for how people are expected to dress at work. Make sure that your attire meets this standard – don’t be underdressed.
  • Think about your audience – would they appreciate you starting with a joke, or do they want you to get to the point as quickly as possible?
  • State the main points of your presentation confidently. While this should be obvious, it is essential. Your audience should be able to clearly see that you believe the points you are stating.
  • Present with lots of energy, smile, and use hand gestures to support your speech.
  • Look each member of the audience in the eye at least once during your presentation. Avoid looking at the ceiling, the back wall, or the floor. Your audience should feel engaged – this is essential to keeping their attention on you.
  • Never read from your slides. If there is text on a slide, paraphrase it while maintaining eye contact.

Checklist for presentation logistics

Optimize the timing of your presentation:

  • Less is more: Long presentations are detrimental to your cause – they lead to your main points being diluted. Keep your presentation short and concise.
  • Keep information relevant: Only present information that is important to your audience. This includes the information that they are expecting to see and information that connects to the business.
  • Expect delays: Your audience will likely have questions. While it is important to answer each question fully, it will take away from the precious time given to you for your presentation. Expect that you will not get through all the information you have to present.

Script your presentation:

  • Use a script to stay on track: Script your presentation before the meeting. A script will help you present your information in a concise and structured manner.
  • Develop a second script: Create a script that is about half the length of the first script but still contains the most important points. This will help you prepare for any delays that may arise during the presentation.
  • Prepare for questions: Consider questions that may be asked and script clear and concise answers to each.
  • Practice, practice, practice: Practice your presentation until you no longer need the script in front of you.

Checklist for presentation logistics (continued)

Other considerations:

  • After the introduction of your presentation, clearly state the objective – don’t keep people guessing and consequently lose focus on your message.
  • After the presentation is over, document important information that came up. Write it down or you may forget it soon after.
  • Rather than create a long presentation deck full of detailed slides that you plan to skip over during the presentation, create a second, compact deck that contains only the slides you plan to present. Send out the longer deck after the presentation.

Checklist for delivering a captivating presentation

Leverage this checklist to ensure you are prepared to develop and deliver an engaging presentation.

Checklist:

  • Start with a story or something memorable to break the ice.
  • Go in with the end state in mind (focus on the outcome/end goal and work back from there) – What’s your call to action?
  • Content must compliment your end goal, filter out any content that doesn’t compliment the end goal.
  • Be prepared to have less time to speak. Be prepared with shorter versions of your presentation.
  • Include an appendix with supporting data, but don’t be data heavy in your presentation. Integrate the data into a story. The story should be your focus.

Checklist for delivering a captivating presentation (continued)

  • Be deliberate in what you want to show your audience.
  • Ensure you have clean slides so the audience can focus on what you’re saying.
  • Practice delivering your content multiple times alone and in front of team members or your Info-Tech counselor, who can provide feedback.
  • How will you handle being derailed? Be prepared with a way to get back on track if you are derailed.
  • Ask for feedback.
  • Record yourself presenting.

4.2 Obtain and verify support on security goals

Once you’ve delivered your captivating presentation, it’s imperative to communicate with your executive stakeholders.

  • This is your opportunity to open the floor for questions and clarify any information that was conveyed to your audience.
  • Leverage your appendix and other supporting documents to justify your goals.
  • Different approaches to obtaining and verifying your goals could include:
    • Acknowledgment from the audience that information communicated aligns with the business’s goals.
    • Approval of funding requests for security initiatives.
    • Written and verbal support for implementation of security initiatives.
    • Identifying next steps for information to communicate at the next executive stakeholder meeting.

Info-Tech Insight
Verifying your objectives at the end of the presentation is important, as it ensures you have successfully communicated to executive stakeholders.

Checklist for obtaining and verify support on security goals

Follow this checklist to assist you in obtaining and verifying your communication goals.

Checklist:

  • Be clear about follow-up and next steps if applicable.
  • Present before you present: Meet with your executive stakeholders before the meeting to review and discuss your presentation and other supporting material and ensure you have executive/CEO buy-in.
  • “Be humble, but don’t crumble” – demonstrate to the executive stakeholders that you are an expert while admitting you don’t know everything. However, don’t be afraid to provide your POV and defend it if need be. Strike the right balance to ensure the board has confidence in you while building a strong relationship.
  • Prioritize a discussion over a formal presentation. Create an environment where they feel like they are part of the solution.

Summary of Accomplishment

Problem Solved

A better understanding of security communication drivers and goals

  • Understanding the difference between communication drivers and goals
  • Identifying your drivers and goals for security presentation

A developed a plan for how and where to retrieve data for communication

  • Insights on what type of data can be leveraged to support your communication goals
  • Understanding who you can collaborate with and potential data sources to retrieve data from

A solidified communication plan with security templates to assist in better presenting to your audience

  • A guideline on how to prepare security presentations to executive stakeholders
  • A list of security templates that can be customized and used for various security presentations

A defined guideline on how to deliver a captivating presentation to achieve your desired objectives

  • Clear message on best practices for delivering security presentations to executive stakeholders
  • Understanding how to verify your communication goals have been obtained

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

Contact your account representative for more information.

workshops@infotech.com

1-888-670-8889

Related Info-Tech Research

Build an Information Security Strategy
This blueprint will walk you through the steps of tailoring best practices to effectively manage information security.

Build a Security Metrics Program to Drive Maturity
This blueprint will assist you in identifying security metrics that can tie to your organizational goals and build those metrics to achieve your desired maturity level.

Bibliography

Bhadauriya, Amit S. “Communicating Cybersecurity Effectively to the Board.” Metricstream. Web.
Booth, Steven, et al. “The Biggest Mistakes Made When Presenting Cyber Security to Senior Leadership or the Board, and How to Fix Them.” Mandiant, May 2019. Web.
Bradford, Nate. “6 Slides Every CISO Should Use in Their Board Presentation.” Security Boulevard, 9 July 2020. Web.
Buckalew, Lauren, et al. “Get the Board on Board: Leading Cybersecurity from the Top Down.” Newsroom, 2 Dec. 2019. Web.
Burg, Dave, et al. “Cybersecurity: How Do You Rise above the Waves of a Perfect Storm?” EY US - Home, EY, 22 July 2021. Web.
Carnegie Endowment for International Peace. Web.
“Chief Information Security Officer Salary.” Salary.com, 2022. Web.
“CISO's Guide to Reporting to the Board - Apex Assembly.” CISO's Guide To Reporting to the Board. Web.
“Cyber Security Oversight in the Boardroom” KPMG, Jan. 2016. Web.
“Cybersecurity CEO: My 3 Tips for Presenting in the Boardroom.” Cybercrime Magazine, 31 Mar. 2020. Web.
Dacri , Bryana. Do's & Don'ts for Security Professionals Presenting to Executives. Feb. 2018. Web.
Froehlich, Andrew. “7 Cybersecurity Metrics for the Board and How to Present Them: TechTarget.” Security, TechTarget, 19 Aug. 2022. Web.
“Global Board Risk Survey.” EY. Web.
“Guidance for CISOs Presenting to the C-Suite.” IANS, June 2021. Web.
“How to Communicate Cybersecurity to the Board of Directors.” Cybersecurity Conferences & News, Seguro Group, 12 Mar. 2020. Web.
Ide, R. William, and Amanda Leech. “A Cybersecurity Guide for Directors” Dentons. Web.
Lindberg, Randy. “3 Tips for Communicating Cybersecurity to the Board.” Cybersecurity Software, Rivial Data Security, 8 Mar. 2022. Web.
McLeod, Scott, et al. “How to Present Cybersecurity to Your Board of Directors.” Cybersecurity & Compliance Simplified, Apptega Inc, 9 Aug. 2021. Web.
Mickle, Jirah. “A Recipe for Success: CISOs Share Top Tips for Successful Board Presentations.” Tenable®, 28 Nov. 2022. Web.
Middlesworth, Jeff. “Top-down: Mitigating Cybersecurity Risks Starts with the Board.” Spiceworks, 13 Sept. 2022. Web.
Mishra, Ruchika. “4 Things Every CISO Must Include in Their Board Presentation.” Security Boulevard, 17 Nov. 2020. Web.
O’Donnell-Welch, Lindsey. “CISOs, Board Members and the Search for Cybersecurity Common Ground.” Decipher, 20 Oct. 2022. Web.

Bibliography

“Overseeing Cyber Risk: The Board's Role.” PwC, Jan. 2022. Web.
Pearlson, Keri, and Nelson Novaes Neto. “7 Pressing Cybersecurity Questions Boards Need to Ask.” Harvard Business Review, 7 Mar. 2022. Web.
“Reporting Cybersecurity Risk to the Board of Directors.” Web.
“Reporting Cybersecurity to Your Board - Steps to Prepare.” Pondurance ,12 July 2022. Web.
Staynings, Richard. “Presenting Cybersecurity to the Board.” Resource Library. Web.
“The Future of Cyber Survey.” Deloitte, 29 Aug. 2022. Web.
“Top Cybersecurity Metrics to Share with Your Board.” Packetlabs, 10 May 2022. Web.
Unni, Ajay. “Reporting Cyber Security to the Board? How to Get It Right.” Cybersecurity Services Company in Australia & NZ, 10 Nov. 2022. Web.
Vogel, Douglas, et al. “Persuasion and the Role of Visual Presentation Support.” Management Information Systems Research Center, 1986.
“Welcome to the Cyber Security Toolkit for Boards.” NCSC. Web.

Research Contributors

  • Fred Donatucci, New-Indy Containerboard, VP, Information Technology
  • Christian Rasmussen, St John Ambulance, Chief Information Officer
  • Stephen Rondeau, ZimVie, SVP, Chief Information Officer

Harness Configuration Management Superpowers

  • Buy Link or Shortcode: {j2store}303|cart{/j2store}
  • member rating overall impact (scale of 10): 8.5/10 Overall Impact
  • member rating average dollars saved: $12,999 Average $ Saved
  • member rating average days saved: 10 Average Days Saved
  • Parent Category Name: Asset Management
  • Parent Category Link: /asset-management
  • Configuration management databases (CMDB) are a lot of work to build and maintain. Starting down this process without the right tools, processes, and buy-in is a lot of work with very little reward.
  • If you decide to just build it and expect they will come, you may find it difficult to articulate the value, and you will be disappointed by the lack of visitors.
  • Relying on manual entry or automated data collection without governance may result in data you can’t trust, and if no one trusts the data, they won’t use it.

Our Advice

Critical Insight

  • The right mindset is just as important as the right tools. By involving everyone early, you can ensure the right data is captured and validated and you can make maintenance part of the culture. This is critical to reaching early and continual value with a CMDB.

Impact and Result

  • Define your use cases: Identify the use cases and prioritize those objectives into phases. Define what information will be needed to meet the use cases and how that information will be populated.
  • Understand and design the CMDB data model: Define services and undiscoverable configuration items (CI) and map them to the discoverable CIs.
  • Operationalize configuration record updates: Define data stewards and governance processes and integrate your configuration management practice with existing practices and lifecycles.

Harness Configuration Management Superpowers Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Harness Configuration Management Superpowers Deck – A step-by-step document that walks you through creating a configuration management program.

Use this blueprint to create a configuration management program that provides immediate value.

  • Harness Configuration Management Superpowers – Phases 1-4

2. Configuration Management Project Charter Template – A project charter template to help you build a concise document for communicating appropriate project details to stakeholders.

Use this template to create a project charter to launch the configuration management project.

  • Configuration Management Project Charter

3. Configuration Control Board Charter Template – A board charter template to help you define the roles and responsibilities of the configuration control board.

Use this template to create your board charter for your configuration control board (CCB). Define roles and responsibilities and mandates for the CCB.

  • Configuration Control Board Charter

4. Configuration Management Standard Operating Procedures (SOP) Template – An SOP template to describe processes and procedures for ongoing maintenance of the CMDB under the configuration management program.

Use this template to create and communicate your SOP to ensure ongoing maintenance of the CMDB under the configuration management program.

  • Configuration Management Standard Operation Procedures

5. Configuration Management Audit and Validation Checklist Template – A template to be used as a starting point to meet audit requirements under NIST and ITIL programs.

Use this template to assess capability to pass audits, adding to the template as needed to meet internal auditors’ requirements.

  • Configuration Management Audit and Validation Checklist

6. Configuration Management Policy Template – A template to be used for building out a policy for governance over the configuration management program.

Use this template to build a policy for your configuration management program.

  • Configuration Management Policy

7. Use Cases and Data Worksheet – A template to be used for validating data requirements as you work through use cases.

Use this template to determine data requirements to meet use cases.

  • Use Cases and Data Worksheet

8. Configuration Management Diagram Template Library – Examples of process workflows and data modeling.

Use this library to view sample workflows and a data model for the configuration management program.

  • Configuration Management Diagram Template Library (Visio)
  • Configuration Management Diagram Template Library (PDF)

9. Configuration Manager Job Description – Roles and responsibilities for the job of Configuration Manager.

Use this template as a starting point to create a job posting, identifying daily activities, responsibilities, and required skills as you create or expand your configuration management program.

  • Configuration Manager

Infographic

Workshop: Harness Configuration Management Superpowers

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Configuration Management Strategy

The Purpose

Define the scope of your service configuration management project.

Design the program to meet specific stakeholders needs

Identify project and operational roles and responsibilities.

Key Benefits Achieved

Designed a sustainable approach to building a CMDB.

Activities

1.1 Introduction

1.2 Define challenges and goals.

1.3 Define and prioritize use cases.

1.4 Identify data needs to meet these goals.

1.5 Define roles and responsibilities.

Outputs

Data and reporting use cases based on stakeholder requirements

Roles and responsibility matrix

2 CMDB Data Structure

The Purpose

Build a data model around the desired use cases.

Identify the data sources for populating the CMDB.

Key Benefits Achieved

Identified which CIs and relationships will be captured in the CMDB.

Activities

2.1 Define and prioritize your services.

2.2 Evaluate CMDB default classifications.

2.3 Test configuration items against existing categories.

2.4 Build a data model diagram.

Outputs

List of CI types and relationships to be added to default settings

CMDB data model diagram

3 Processes

The Purpose

Key Benefits Achieved

Built a right-sized approach to configuration record updates and data validation.

Activities

3.1 Define processes for onboarding, offboarding, and maintaining data in the CMDB.

3.2 Define practices for configuration baselines.

3.3 Build a data validation and auditing plan.

Outputs

Documented processes and workflows

Data validation and auditing plan

4 Communications & Roadmap

The Purpose

Key Benefits Achieved

Metrics program defined

Communications designed

Activities

4.1 Define key metrics for configuration management.

4.2 Define metrics for supporting services.

4.3 Build configuration management policies.

4.4 Create a communications plan.

4.5 Build a roadmap

Outputs

Policy for configuration management

Communications documents

Roadmap for next steps

Further reading

Harness Configuration Management Superpowers

Create a configuration management practice that will provide ongoing value to the organization.

EXECUTIVE BRIEF

Analyst Perspective

A robust configuration management database (CMDB) can provide value to the business and superpowers to IT. It's time to invest smartly to reap the rewards.

IT environments are becoming more and more complex, and balancing demands for stability and demands for faster change requires visibility to make the right decisions. IT needs to know their environment intimately. They need to understand dependencies and integrations and feel confident they are making decisions with the most current and accurate view.

Solutions for managing operations rely on the CMDB to bring visibility to issues, calculate impact, and use predictive analytics to fix performance issues before they become major incidents. AIOps solutions need accurate data, but they can also help identify configuration drift and flag changes or anomalies that need investigation.

The days of relying entirely on manual entry and updates are all but gone, as the functionality of a robust configuration management system requires daily updates to provide value. We used to rely on that one hero to make sure information was up to date, but with the volume of changes we see in most environments today, it's time to improve the process and provide superpowers to the entire IT department.

This is a picture of Sandi Conrad

Sandi Conrad, ITIL Managing Professional
Principal Research Director, IT Infrastructure & Operations, Info-Tech Research Group

Executive Summary

Your Challenge

  • Build a configuration management database (CMDB): You need to implement a CMDB, populate it with records and relationships, and integrate it with discovery and management tools.
  • Identify the benefits of a CMDB: Too many CMDB projects fail because IT tries to collect everything. Base your data model on the desired use cases.
  • Define roles and responsibilities: Keeping data accurate and updated is difficult. Identify who will be responsible for helping

Common Obstacles

  • Significant process maturity is required: Service configuration management (SCM) requires high maturity in change management, IT asset management, and service catalog practices.
  • Large investment: Building a CMDB takes a large amount of effort, process, and expertise.
  • Tough business case: Configuration management doesn't directly provide value to the business, but it requires a lot of investment from IT.

Info-Tech's Approach

  • Define your scope and objectives: Identify the use cases for SCM and prioritize those objectives into phases.
  • Design the CMDB data model: Align with your existing configuration management system's data model.
  • Operationalize configuration record updates: Integrate your SCM practice with existing practices and lifecycles.

Start small

Scope creep is a serial killer of configuration management databases and service configuration management practices.

Insight summary

Many vendors are taking a CMDB-first approach to enable IT operations or sometimes asset management. It's important to ensure processes are in place immediately to ensure the data doesn't go stale as additional modules and features are activated.

Define processes early to ensure success

The right mindset is just as important as the right tools. By involving everyone early, you can ensure the right data is captured and validated and you can make maintenance part of the culture. This is critical to reaching early and continual value with a CMDB.

Identify use cases

The initial use case will be the driving force behind the first assessment of return on investment (ROI). If ROI can be realized early, momentum will increase, and the team can build on the initial successes.

If you don't see value in the first year, momentum diminishes and it's possible the project will never see value.

Keep the initial scope small and focused

Discovery can collect a lot of data quickly, and it's possible to be completely overwhelmed early in the process.

Build expertise and troubleshoot issues with a smaller scope, then build out the process.

Minimize customizations

Most CMDBs have classes and attributes defined as defaults. Use of the defaults will enable easier implementation and faster time to value, especially where automations and integrations depend on standard terms for field mapping.

Automate as much as possible

In large, complex environments, the data can quickly become unmanageable. Use automation as much as possible for discovery, dependency mapping, validation, and alerts. Minimize the amount of manual work but ensure everyone is aware of where and how these manual updates need to happen to see continual value.

Info-Tech's Harness Configuration Management Superpowers.

Configuration management will improve functionality of all surrounding processes

A well-functioning CMDB empowers almost all other IT management and governance practices.

Service configuration management is about:

  • Building a system of record about IT services and the components that support those services.
  • Continuously reconciling and validating information to ensure data accuracy.
  • Ensuring the data lifecycle is defined and well understood and can pass data and process audits.
  • Accessing information in a variety of ways to effectively serve IT and the business.
An image of Info-Tech's CMDB Configuration Management tree, breaking down aspects into the following six categories: Strategic Partner; Service Provider; Proactive; Stabilize; Core; and Foundational.

Configuration management most closely impacts these practices

Info-Tech Research Group sees a clear relationship.

When an IT department reports they are highly effective at configuration management, they are much more likely to report they are highly effective at these management and governance processes:

The following management and governance processes are listed: Quality Management; Asset Management; Performance Measurement; Knowledge Management; Release Management; Incident and Problem Management; Service Management; Change Management.

The data is clear

Service configuration management is about more than just doing change management more effectively.

Source: Info-Tech Research Group, IT Management and Governance Diagnostic; N=684 organizations, 2019 to July 2022.

Make the case to use configuration management to improve IT operations

Consider the impact of access to data for informing innovations, optimization efforts, and risk assessments.

75% of Uptime's 2021 survey respondents who had an outage in the past three years said the outage would have been prevented if they'd had better management or processes.(1)

75%

75% of Uptime's 2021 survey respondents who had an outage in the past three years said the outage would have been prevented if they'd had better management or processes.(1)

42%

of publicly reported outages were due to software or configuration issues. (1)

58%

of networking-related IT outages were due to configuration and change management failure.(1)

It doesn't have to be that way!

Enterprise-grade IT service management (ITSM) tools require a CMDB for the different modules to work together and to enable IT operations management (ITOM), providing greater visibility.

Decisions about changes can be made with accurate data, not guesses.

The CMDB can give the service desk fast access to helpful information about the impacted components, including a history of similar incidents and resolutions and the relationship between the impacted components and other systems and components.

Turn your team into IT superheroes.

CMDB data makes it easier for IT Ops groups to:

  • Avoid change collisions.
  • Eliminate poor changes due to lack of visibility into complex systems.
  • Identify problematic equipment.
  • Troubleshoot incidents.
  • Expand the services provided by tier 1 and through automation.

Benefits of configuration management

For IT

  • Configuration management will supercharge processes that have relied on inherent knowledge of the IT environment to make decisions.
  • IT will more quickly analyze and understand issues and will be positioned to improve and automate issue identification and resolution.
  • Increase confidence and reduce risks for decisions involving release and change management with access to accurate data, regardless of the complexity of the environment.
  • Reduce or eliminate unplanned work related to poor outcomes due to decisions made with incorrect or incomplete data.

For the Business

  • Improve strategic planning for business initiatives involving IT solutions, which may include integrations, development, or security concerns.
  • More quickly deploy new solutions or updates due to visibility into complex environments.
  • Enable business outcomes with reliable and stable IT systems.
  • Reduce disruptions caused by planning without accurate data and improve resolution times for service interruptions.
  • Improve access to reporting for budgeting, showbacks, and chargebacks as well as performance metrics.

Measure the value of this blueprint

Fast-track your planning and increase the success of a configuration management program with this blueprint

Workshop feedback
8.1/10

$174,000 savings

30 average days saved

Guided Implementation feedback

8.7/10

$31,496 average savings

41 average days saved

"The workshop was well run, with good facilitation, and gained participation from even the most difficult parts of the audience. The best part of the experience was that if I were to find myself in the same position in the future, I would repeat the workshop."

– University of Exeter

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

Guided Implementation

“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

Workshop

“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

Consulting

“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

Diagnostics and consistent frameworks used throughout all four options

Guided Implementation

What does a typical GI on this topic look like?

Phase 1 Phase 2 Phase 3 Phase 4

Call #1: Scope requirements, objectives, and your specific challenges.

Call #2: Prioritize services and use cases.

Call #3: Identify data needed to meet goals.

Call #4: Define roles and responsibilities.

Call #5: Define and prioritize your services.

Call #6: Evaluate and test CMDB default classifications.

Call #7: Build a data model diagram.

Call #8: Define processes for onboarding, offboarding, and maintaining data.

Call #9: Discuss configuration baselines.

Call #10: Build a data validation and audit plan.

Call #11: Define key metrics.

Call #12: Build a configuration management policy and communications plan.

Call #13: Build a roadmap.

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

A typical GI is between 8 to 12 calls over the course of 4 to 9 months.

Workshop Overview

Contact your account representative for more information.
workshops@infotech.com 1-888-670-8889

Day 1 Day 2 Day 3 Day 4

Configuration Management Strategy

CMDB Data Structure

Process Design

Communications & Roadmap

Activities
  • Introduction
  • Define challenges and goals.
  • Define and prioritize use cases.
  • Identify data needed to meet goals.
  • Define roles and responsibilities.
  • Define and prioritize your services.
  • Evaluate CMDB default classifications.
  • Test configuration items against existing categories.
  • Build a data model diagram.
  • Define processes for onboarding, offboarding, and maintaining data in the CMDB.
  • Define practices for configuration baselines.
  • Build a data validation and auditing plan.
  • Define key metrics for configuration management.
  • Define metrics for supporting services.
  • Build configuration management policies.
  • Create a communications plan.
  • Build a roadmap.

Deliverables

  • Roles and responsibility matrix
  • Data and reporting use cases based on stakeholder requirements
  • List of CI types and relationships to be added to default settings
  • CMDB data model diagram
  • Documented processes and workflows
  • Data validation and auditing plan
  • Policy for configuration management
  • Roadmap for next steps
  • Communications documents

Blueprint deliverables

Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

Configuration Management Project Charter

Detail your approach to building an SCM practice and a CMDB.

Screenshot from the Configuration Management Project Charter

Use Cases and Data Worksheet

Capture the action items related to your SCM implementation project.

Screenshot from the Use Cases and Data Worksheet

Configuration Manager Job Description

Use our template for a job posting or internal job description.

Screenshot from the Configuration Manager Job Description

Configuration Management Diagram Template Library

Use these diagrams to simplify building your SOP.

Screenshot from the Configuration Management Diagram Template Library

Configuration Management Policy

Set expectations for configuration control.

screenshot from the Configuration Management Policy

Configuration Management Audit and Validation Checklist

Use this framework to validate controls.

Screenshot from the Configuration Management Audit and Validation Checklist

Configuration Control Board Charter

Define the board's responsibilities and meeting protocols.

Screenshot from the Configuration Management Audit and Validation Checklist

Key deliverable:

Configuration Management Standard Operating Procedures Template

Outlines SCM roles and responsibilities, the CMDB data model, when records are expected to change, and configuration baselines.

Four Screenshots from the Configuration Management Standard Operating Procedures Template

Phase 1

Configuration Management Strategy

Strategy Data Structure Processes Roadmap
  • Challenges and Goals
  • Use Cases and Data
  • Roles and Responsibilities
  • Services
  • Classifications
  • Data Modeling
  • Lifecycle Processes
  • Baselines
  • Audit and Data Validation
  • Metrics
  • Communications Plan
  • Roadmap

This phase will walk you through the following aspects of a configuration management system:

  • Scope
  • Use Cases
  • Reports and Analytics

This phase involves the following participants:

  • IT and business service owners
  • Business/customer relationship managers
  • Enterprise architects
  • Practice owners and managers
  • SCM practice manager
  • SCM project manager
  • SCM project sponsor

Harness Service Configuration Management Superpowers

Establish clear definitions

Ensure everyone is using the same terms.

Term Definition
Configuration Management

The purpose of configuration management is to:

  • "Ensure that accurate and reliable information about the configuration of services, and the CIs that support them, is available when and where it is needed. This includes information on how CIs are configured and the relationships between them" (AXELOS).
  • "Provide sufficient information about service assets to enable the service to be effectively managed. Assess the impact of changes and deal with service incidents" (ISACA, 2018).
Configuration Management System (CMS) A set of tools and databases used to manage, update, and present data about all configuration items and their relationships. A CMS may maintain multiple federated CMDBs and can include one or many discovery and dependency mapping tools.
Configuration Management Database (CMDB) A repository of configuration records. It can be as simple as a spreadsheet or as complex as an integrated database populated through multiple autodiscovery tools.
Configuration Record Detailed information about a configuration item.
Configuration Item (CI)

"Any component that needs to be managed in order to deliver an IT service" (AXELOS).

These components can include everything from IT services and software to user devices, IT infrastructure components, and documents (e.g. maintenance agreements).
Attributes Characteristics of a CI included in the configuration record. Common attributes include name, version, license expiry date, location, supplier, SLA, and owner.
Relationships Information about the way CIs are linked. A CI can be part of another CI, connect to another CI, or use another CI. A CMDB is significantly more valuable when relationships are recorded. This information allows CMDB users to identify dependencies between components when investigating incidents, performing root-cause analysis, assessing the impact of changes before deployment, and much more.

What is a configuration management database (CMDB)?

The CMDB is a system of record of your services and includes a record for everything you need to track to effectively manage your IT services.

Anything that is tracked in your CMDB is called a configuration item (CI). Examples of CIs include:

  • User-Facing Services
  • IT-Facing Services
  • Business Capabilities
  • Relationships
  • IT Infrastructure Components
  • Enterprise Software
  • End-User Devices
  • Documents

Other systems of record can refer to CIs, such as:

  • Ticket database: Tickets can refer to which CI is impacted by an incident or provided as part of a service request.
  • Asset management database (AMDB): An IT asset is often also a CI. By associating asset records with CI records, you can leverage your IT asset data in your reporting.
  • Financial systems: If done well, the CMDB can supercharge your IT financial cost model.

CMDBs can allow you to:

  • Query multiple databases simultaneously (so long as you have the CI name field in each database).
  • Build automated workflows and chatbots that interact with data across multiple databases.
  • More effectively identify the potential impact of changes and releases.

Do not confuse asset with configuration

Asset and configuration management look at the same world through different lenses

  • IT asset management (ITAM) tends to focus on each IT asset in its own right: assignment or ownership, lifecycle, and related financial obligations and entitlements.
  • Configuration management is focused on configuration items (CIs) that must be managed to deliver a service and the relationships and integrations with other CIs.
  • ITAM and configuration management teams and practices should work closely together. Though asset and configuration management focus on different outcomes, they may use overlapping tools and data sets. Each practice, when working effectively, can strengthen the other.
  • Many objects will exist in both the CMDB and AMDB, and the data on those shared objects will need to be kept in sync.

A comparison between Asset and Configuration Management Databases

*Discovery, dependency mapping, and data normalization are often features or modules of configuration management, asset management, or IT service management tools.

Start with ITIL 4 guiding principles to make your configuration management project valuable and realistic

Focus on where CMDB data will provide value and ensure the cost of bringing that data in will be reasonable for its purpose. Your end goal should be not just to build a CMDB but to use a CMDB to manage workload and workflows and manage services appropriately.

Focus on value

Include only the relevant information required by stakeholders.

Start where you are

Use available sources of information. Avoid adding new sources and tools unless they are justified.

Progress iteratively with feedback

Regularly review information use and confirm its relevance, adjusting the CMDB scope if needed.

Collaborate and promote visibility

Explain and promote available sources of configuration information and the best ways to use them, then provide hints and tips for more efficient use.

Think and work holistically

Consider other sources of data for decision making. Do not try to put everything in the CMDB.

Keep it simple and practical

Provide relevant information in the most convenient way; avoid complex interfaces and reports.

Optimize and automate

Continually optimize resource-consuming practice activities. Automate CDMB verification, data collection, relationship discovery, and other activities.

ITIL 4 guiding principles as described by AXELOS

Step 1.1

Identify use cases and desired benefits for service configuration management

Activities

1.1.1 Brainstorm data collection challenges

1.1.2 Define goals and how you plan to meet them

1.1.3 Brainstorm and prioritize use cases

1.1.4 Identify the data needed to reach your goals

1.1.5 Record required data sources

This step will walk you through the following aspects of a configuration management system:

  • Scope
  • Use cases

This phase involves the following participants:

  • IT and business service owners
  • Business/customer relationship managers
  • Enterprise architects
  • Practice owners and managers
  • SCM practice manager
  • Project sponsor
  • Project manager

Identify potential obstacles in your organization to building and maintaining a CMDB

Often, we see multiple unsuccessful attempts to build out a CMDB, with teams eventually losing faith and going back to spreadsheets. These are common obstacles:

  • Significant manual data collection, which is rarely current and fully accurate.
  • Multiple discovery solutions creating duplicate records, with no clear path to deduplicate records.
  • Manual dependency mapping that isn't accurate because it's not regularly assessed and updated.
  • Hybrid cloud and on-premises environment with discovery solutions only partially collecting as the right discovery and dependency mapping solutions aren't in place.
  • Dynamic environments (virtual, cloud, or containers) that may exist for a very short time, but no one knows how they should be managed.
  • Lack of expertise to maintain and update the CMDB or lack of an assigned owner for the CMDB. If no one owns the process and is assigned as a steward of data, it will not be maintained.
  • Database that was designed with other purposes in mind and is heavily customized, making it difficult to use and maintain.

Understanding the challenges to accessing and maintaining quality data will help define the risks created through lack of quality data.

This knowledge can drive buy-in to create a configuration management practice that benefits the organization.

1.1.1 Brainstorm data collection challenges

Involve stakeholders.
Allot 45 minutes for this discussion.

  1. As a group, brainstorm the challenges you have with data:
  2. Accuracy and trustworthiness: What challenges do you have with getting accurate data on IT services and systems?
    1. Access: Where do you have challenges with getting data to people when they need it?
    2. Manually created data: Where are you relying on data that could be automatically collected?
    3. Data integration: Where do you have issues with integrating data from multiple sources?
    4. Impact: What is the result of these challenges?
  3. Group together these challenges into similar issues and identify what goals would help overcome them.
  4. Record these challenges in the Configuration Management Project Charter, section 1.2: Project Purpose.

Download the Configuration Management Project Charter

Input

Output

  • None
  • List of high-level desired benefits for SCM
Materials Participants
  • Whiteboard/flip charts
  • Sticky notes
  • Markers/pens
  • Configuration Management Project Charter
  • IT and business service owners
  • Business/customer relationship managers
  • Practice owners and managers
  • SCM practice manager
  • SCM project sponsor

Info-Tech Maturity Ladder

Identify your current and target state

INNOVATOR

  • Characteristics of business partner
  • Integration with orchestration tools

BUSINESS PARTNER

Data collection and validation is fully automated

Integrated with several IT processes

Meets the needs of IT and business use cases

TRUSTED OPERATOR

  • Data collection and validation is partially or fully automated
  • Trust in data accuracy is high, meets the needs of several IT use cases

FIREFIGHTER

  • Data collection is partially or fully automated, validation is ad hoc
  • Trust in data accuracy is variable, used for decision making

UNSTABLE

INNOVATOR

  • Characteristics of business partner
  • Integration with orchestration tools

BUSINESS PARTNER

  • Data collection and validation is fully automated
  • Integrated with several IT processes
  • Meets the needs of IT and business use cases

TRUSTED OPERATOR

  • Data collection and validation is partially or fully automated
  • Trust in data accuracy is high, meets the needs of several IT use cases

FIREFIGHTER

  • Data collection is partially or fully automated, validation is ad hoc
  • Trust in data accuracy is variable, used for decision making

UNSTABLE

A tower is depicted, with arrows pointing to Current (orange) and Target(blue)

Define goals for your CMDB to ensure alignment with all stakeholders

  • How are business or IT goals being hindered by not having the right data available?
  • If the business isn't currently asking for service-based reporting and accountability, start with IT goals. This will help to develop goals that will be most closely aligned to the IT teams' needs and may help incentivize the right behavior in data maintenance.
  • Configuration management succeeds by enabling its stakeholders to achieve their outcomes. Set goals for configuration management based on the most important outcomes expected from this project. Ask your stakeholders:
    1. What are the business' or IT's planned transformational initiatives?
    2. What are your highest priority goals?
    3. What should the priorities of the configuration management practice be?
  • The answers to these questions will shape your approach to configuration management. Direct input from your leadership and executives, or their delegates, will help ensure you're setting a solid foundation for your practice.
  • Identify which obstacles will need to be overcome to meet these goals.

"[T]he CMDB System should be viewed as a 'system of relevance,' rather than a 'single source of truth.' The burdens of relevance are at once less onerous and far more meaningful in terms of action, analysis, and automation. While 'truth' implies something everlasting or at least stable, relevance suggests a far more dynamic universe."

– CMDB Systems, Making Change Work in the Age of Cloud and Agile, Drogseth et al

Identify stakeholders to discuss what they need from a CMDB; business and IT needs will likely differ

Define your audience to determine who the CMDB will serve and invite them to these conversations. The CMDB can aid the business and IT and can be structured to provide dashboards and reports for both.

Nondiscoverable configuration items will need to be created for both audiences to organize CIs in a way that makes sense for all uses.

Integrations with other systems may be required to meet the needs of your audience. Note integrations for future planning.

Business Services

Within the data sets, service configuration models can be used for:

  • Impact analysis
  • Cause and effect analysis
  • Risk analysis
  • Cost allocation
  • Availability analysis and planning

Technical Services

Connect to IT Finance for:

  • Service-based consumption and costing
  • Financial awareness through showback
  • Financial recovery through chargeback
  • Support IT strategy through financial transparency
  • Cost optimization
  • Reporting for depreciation, location-related taxation, and capitalization (may also use asset management for these)

Intersect with IT Processes to:

  • Reduce time to restore services through incident management
  • Improve stability through change management
  • Reduce outages through problem management
  • Optimize assets through IT asset management
  • Provide detailed reporting for audit/governance, risk, and compliance

1.1.2 Define goals and how you plan to meet them

Involve stakeholders.

Allot 45 minutes for this discussion.

As a group, identify current goals for building and using a CMDB.

Why are we doing this?

  • How do you hope to use the data within the CMDB?
  • What processes will be improved through use of this data and what are the expected outcomes?

How will we improve the process?

  • What processes will be put in place to ensure data integrity?
  • What tools will be put in place to improve the methods used to collect and maintain data?

Record these goals in the Configuration Management Project Charter, section 1.3: Project Objectives.

Input

Output

  • None
  • List of high-level desired benefits for SCM
Materials Participants
  • Whiteboard/flip charts
  • Sticky notes
  • Markers/pens
  • Configuration Management Project Charter
  • IT and business service owners
  • Business/customer relationship managers
  • Practice owners and managers
  • SCM practice manager
  • SCM project sponsor

It's easy to think that if you build it, they will come, but CMDBs rarely succeed without solid use cases

Set expectations for your organization that defined and fulfilled use cases will factor into prioritization exercises, functional plans, and project milestones to achieve ROI for your efforts.

A good use case:

  • Justifies resource allocation
  • Gains funding for the right tools
  • Builds stakeholder support
  • Drives interest and excitement
  • Gains support from anyone in a position to help build out and validate the data
  • Helps to define success

In the book CMDB Systems, Making Change Work in the Age of Cloud and Agile, authors Drogseth, Sturm, and Twing describe the secrets of success:

A documented evaluation of CMDB System vendors showed that while most "best case" ROI fell between 6 and 9 months for CMDB deployments, one instance delivered ROI for a significant CMDB investment in as little as 2 weeks!

If there's a simple formula for quick time to value for a CMDB System, it's the following:

Mature levels of process awareness
+ Strong executive level support
+ A ready and willing team with strongly supportive stakeholders
+ Clearly defined and ready phase one use case
+ Carefully selected, appropriate technologies

All this = Powerful early-phase CMDB System results

Define and prioritize use cases for how the CMDB will be used to drive value

The CMDB can support several use cases and may require integration with various modules within the ITSM solution and integration with other systems.

Document the use cases that will drive your CMDB to relevance, including the expected benefits for each use case.

Identify the dependencies that will need to be implemented to be successful.

Define "done" so that once data is entered, verified, and mapped, these use cases can be realized.

"Our consulting experience suggests that more than 75% of all strategic initiatives (CMDB or not) fail to meet at least initial expectations across IT organizations. This is often due more to inflated expectations than categorical failure."

– CMDB Systems, Making Change Work in the Age of Cloud and Agile, Drogseth et al.

This image demonstrates how CMBD will be used to drive value.

After identifying use cases, determine the scope of configuration items required to feed the use cases

On-premises software and equipment will be critical to many use cases as the IT team and partners work on network and data-center equipment, enterprise software, and integrations through various means, including APIs and middleware. Real-time and near real-time data collection and validation will ensure IT can act with confidence.

Cloud use can include software as a service (SaaS) solutions as well as infrastructure and platform as a service (IaaS and PaaS), and this may be more challenging for data collection. Tools must be capable of connecting to cloud environments and feeding the information back into the CMDB. Where on-premises and cloud applications show dependencies, you might need to validate data if multiple discovery and dependency mapping solutions are used to get a complete picture. Tagging will be crucial to making sense of the data as it comes into the CMDB.

In-house developed software would be beneficial to have in the CMDB but may require more manual work to identify and classify once discovered. A combination of discovery and tagging may be beneficial to input and classification.

Highly dynamic environments may require data collection through integration with a variety of solutions to manage and record continuous deployment models and verifications, or they may rely on tags and activity logs to record historical activity. Work with a partner who specializes in CI/CD to help architect this use case.

Containers will require an assessment of the level of detail required. Determine if the container is a CI and if the content will be described as attributes. If there is value to your use case to map the contents of each container as separate CIs within the container CI, then you can map to that level of detail, but don't map to that depth unless the use case calls for it.

Internet of Things (IoT) devices and applications will need to match a use case as well. IoT device asset data will be useful to track within an asset database but may have limited value to add to a CMDB. If there are connections between IoT applications and data warehouses, the dependencies should likely be mapped to ensure continued dataflow.

Out of scope

A single source of data is highly beneficial, but don't make it a catchall for items that are not easily stored in a CMDB.

Source code should be stored in a definitive media library (DML). Code can be linked to the CMDB but is generally too big to store in a CMDB and will reduce performance for data retrieval.

Knowledge articles and maintenance checklists are better suited to a knowledge base. They can also be linked to the CDMB if needed but this can get messy where many-to-many relationships between articles and CIs exist.

Fleet (transportation) assets and fixed assets should be in fleet management systems and accounting systems, respectively. Storing these types of data in the CMDB doesn't provide value to the support process.

1.1.3 Brainstorm and prioritize use cases

Which IT practices will you supercharge?

Focus on improving both operations and strategy.

  1. Brainstorm the list of relevant use cases. What do you want to do with the data from the CMDB? Consider:
    1. ITSM management and governance practices
    2. IT operations, vendor orchestration, and service integration and management (SIAM) to improve vendor interactions
    3. IT finance and business service reporting needs
  2. Identify which use cases are part of your two- to three-year plan, including the purpose for adding configuration data into that process. Prioritize one or two of these use cases to accomplish in your first year.
  3. Identify dependencies to manage as part of the solution and define a realistic timeline for implementing integrations, modules, or data sources.
  4. Document this table in the Configuration Management Project Charter, section 2.2: Use Cases.
Audience Use Case Goal/Purpose Project/Solution Dependencies Proposed Timeline Priority
  • IT
  • Change Management

Stabilize the process by seeing:

Change conflict reporting

Reports of CI changes without change records

System availability

RFC mapping requires discovered CIs

RFC review requires criticality, technical and business owners

Conflict reporting requires dependency mapping

  • Discovery and manual information entered by October
  • Dependency mapping implemented by December

High

Determine what additional data will be needed to achieve your use cases

Regardless of which use cases you are planning to fulfill with the CMDB, it is critical to not add data and complexity with the plan of resolving every possible inquiry. Ensure the cost and effort of bringing in the data and maintaining it is justified. The complexity of the environment will impact the complexity of data sources and integrations for discovery and dependency mapping.

Before bringing in new data, consider:

  • Is this information available in other maintained databases now?
  • Will this data be critical for decision making? If it is nice to have or optional, can it be automatically moved into the database and maintained using existing integrations?
  • Is there a cost to bringing the data into the CMDB and maintaining it? Is that cost reasonable for its purpose?
  • How frequently will this information be accessed, and can it be updated in an adequate cadence to meet these needs?
  • When does this information need to be available?

Info-Tech Insight

If data will be used only occasionally upon request, determine if it will be more efficient to maintain it or to retrieve it from the CMDB or another data source as needed.

Remember, within the data sets, service configuration models can be used for:

  • Impact analysis
  • Cause and effect analysis
  • Risk analysis
  • Cost allocation
  • Availability analysis and planning

1.1.4 Expand your use cases by identifying the data needed to reach your goals

Involve stakeholders.

Allot 60 minutes for this discussion.

Review use cases and their goals.

Identify what data will be required to meet those goals and determine whether it will be mandatory or optional/nice-to-have information.

Identify sources of data for each type of data. Color code or sort.

Italicize data points that can be automatically discovered.

Gain consensus on what information will be manually entered.

Record the data in the Use Cases and Data Worksheet.

Download the Use Cases and Data Worksheet

Input

Output

  • None
  • List of data requirements
MaterialsParticipants
  • Whiteboard/flip charts
  • Sticky notes
  • Markers/pens
  • Use Cases and Data Worksheet
  • IT and business service owners
  • Business/customer relationship managers
  • Practice owners and managers
  • SCM practice manager
  • SCM project sponsor

Use discovery and dependency mapping tools to automatically update the CMDB

Avoid manual data entry whenever possible.

Consider these features when looking at tools:

  • Application dependency mapping: Establishing and tracking the relationships and dependencies between system components, applications, and IT services. The ideal tool will be able to generate maps automatically.
  • Agentless and agent discovery: Scanning systems with both agent and agentless approaches. Agent-based scanning provides comprehensive information on applications used in individual endpoints, which is helpful in minimizing its IT footprint. However, agents require endpoint access. Agentless-based scanning provides a broader and holistic view of deployed applications without the need to install an agent on end devices, which can be good enough for inventory awareness.
  • Data export capability: Easy exporting of application inventory information to be used in reports and other tools.
  • Dashboards and chart visualization: Detailed list of the application inventory, including version number, number of users, licenses, deployment location, and other application details. These details will inform decision makers of each application's health and its candidacy for further rationalization activities.
  • Customizable scanning scripts: Tailor your application discovery approach by modifying the scripts used to scan your systems.
  • Integration with third-party tools: Easy integration with other systems with out-of-the-box plugins or customizable APIs.

Determine which data collection methods will be used to populate the CMDB

The effort-to-value ratio is an important factor in populating a CMDB. Manual efforts require a higher process focus, more intensive data validation, and a constant need to remind team members to act on every change.

Real-Time Data AIOps continual scans Used for event and incident management
Near Real-Time Data Discovery and dependency mapping run on a regular cycle Used for change and asset management
Historical Data Activity log imports, manual data entry Used for IT finance, audit trail
  • Determine what amount of effort is appropriate for each data grouping and use case. As decisions are made to expand data within the CMDB, the effort-to-value ratio should always factor in. To be usable, data must be accurate, and every piece of data that needs to be manually entered runs the risk of becoming obsolete.
  • Identify which data sources will bring in each type of data. Where there is a possibility of duplicate records being created, one of the data sources will need to be identified as the primary.
  • If the decision is to manually enter configuration items early in the process, be aware that automation may create duplicates of the CIs that will need to be deduplicated at some point in the process to make the information more usable.
  • Typically, items are discovered, validated, then mapped, but there will be variations depending on the source.
  • Active Directory or LDAP may be used to bring users and technicians into the CMDB. Data may be imported from spreadsheets. Identify efforts where data cleanup may have to happen before transferring into the CMDB.
  • Identify how often manual imports will need to be conducted to make sure data is usable.

Identify other nondiscoverable data that will need to be added to or accessed by the CMDB

Foundational data, such as technicians, end users and approvers, roles, location, company, agency, department, building, or cost center, may be added to tables that are within or accessed by the CMDB. Work with your vendor to understand structure and where this information resides.

  • These records can be imported from CSV files manually, but this will require manual removal or edits as information changes.
  • Integration with the HRIS, Active Directory, or LDAP will enable automatic updates through synchronization or scheduled imports.
  • If synchronization is fully enabled, new data can be added and removed from the CMDB automatically.
  • Identify which nondiscoverable attributes will be needed, such as system criticality, support groups, groups it is managed by, location.
  • If partially automating the process, identify where manual updates will need to occur.
  • If fully automating the process, notifications will need to be set up when business owner or product or technical owner fields become empty to prompt defining a replacement within the CMDB.
  • Determine who will manage these updates.
  • Work with your CMDB implementation vendor to determine the best option for bringing this information in.

1.1.5 Record required data sources

Allot 15 minutes for this discussion.

  1. Where do you track the work involved in providing services? Typically, your ticket database tracks service requests and incidents. Additional data sources can include:
    • Enterprise resource planning tools for tracking purchase orders
    • Project management information system for tracking tasks
  2. What trusted data sources exist for the technology that supports these services? Examples include:
    • Management tools (e.g. Microsoft Endpoint Configuration Manager)
    • Architectural diagrams and network topology diagrams
    • IT asset management database
    • Spreadsheets
    • Other systems of record
  3. What other data sources can help you gather the data you identified in activity 1.1.4?
  4. Record the relevant data sources for each use case in the Configuration Management Standard Operating Procedures, section 6: Data Collection and Updates.

Info-Tech Insight

Improve the trustworthiness of your CMDB as a system of record by relying on data that is already trusted.

Input

Output

  • Use cases
  • List of data requirements
MaterialsParticipants
  • Use Cases and Data Worksheet
  • Configuration Management Standard Operating Procedures
  • IT and business service owners
  • Practice owners and managers
  • SCM practice manager
  • SCM project sponsor

Step 1.2

Define roles and responsibilities

Activities

1.2.1 Record the project team and stakeholders

1.2.2 Complete a RACI chart to define who will be accountable and responsible for configuration tasks

This step will walk you through the following aspects of a configuration management system:

  • Roles and responsibilities

This phase involves the following participants:

  • IT service owners
  • Enterprise architects
  • Practice owners and managers
  • SCM practice manager
  • Project manager

Identify the roles you need in your SCM project

Determine which roles will need to be involved in the initial project and how to source these roles.

Leadership Roles
Oversee the SCM implementation

  1. Configuration Manager – The practice owner for SCM. This is a long-term role.
  2. Configuration Control Board (CCB) Chair – An optional role that oversees proposed alterations to configuration plans. If a CCB is implemented, this is a long-term role.
  3. Project Sponsor or Program Sponsor – Provides the necessary resources for building the CMDB and SCM practices.
  4. Architecture Roles
    Plan the program to build strong foundation
    1. Configuration Management Architect – Technical leader who defines the overall CM solution, plans the scope, selects a tool, and leads the technical team that will implement the solution.
    2. Requirements Analyst – Gathers and manages the requirements for CM.
    3. Process Engineer – Defines, documents, and implements the entire process.

Architecture Roles
Plan the program to build strong foundation

  1. Configuration Management Architect – Technical leader who defines the overall CM solution, plans the scope, selects a tool, and leads the technical team that will implement the solution.
  2. Requirements Analyst – Gathers and manages the requirements for CM.
  3. Process Engineer – Defines, documents, and implements the entire process.

Engineer Roles
Implement the system

  1. Logical Database Analyst (DBA) Designs the structure to hold the configuration management data and oversees implementation.
  2. Communications and Trainer – Communicates the goals and functions of CM and teaches impacted users the how and why of the process and tools.

Administrative Roles
Permanent roles involving long-term ownership

  1. Technical Owner – The system administrator responsible for their system's uptime. These roles usually own the data quality for their system.
  2. Configuration Management Integrator – Oversees regular transfer of data into the CMDB.
  3. Configuration Management Tool Support – Selects, installs, and maintains the CM tool.
  4. Impact Manager – Analyzes configuration data to ensure relationships between CIs are accurate; conducts impact analysis.

1.2.1 Record the project team and stakeholders

Allocate 25 minutes to this discussion.

  1. Record the project team.
    1. Identify the project manager who will lead this project.
    2. Identify key personnel that will need to be involved in design of the configuration management system and processes.
    3. Identify where vendors/outsourcers may be required to assist with technical aspects.
    4. Document the project team in the Configuration Management Project Charter, section 1.1: Project Team.
  1. Record a list of stakeholders.
    1. Identify stakeholders internal and external to IT.
    2. Build the stakeholder profile. For each stakeholder, identify their role, interest in the project, and influence on project success. You can score these criteria high/medium/low or score them out of ten.
    3. If managed service providers will need to be part of the equation, determine who will be the liaison and how they will provide or access data.
Input

Output

  • Project team members
  • Project plan resources
MaterialsParticipants
  • Configuration Management Project Charter
  • List of project stakeholders and participants
  • IT service owners
  • Practice owners and managers
  • SCM practice manager
  • SCM project sponsor

Even with full automation, this cannot be a "set it and forget it" project if it is to be successful long-term

Create a team to manage the process and data updates and to ensure data is always usable.

  • Services may be added and removed.
  • Technology will change as technical debt is reduced.
  • Vendors may change as contract needs develop.
  • Additional use cases may be introduced by IT and the business as approaches to management evolve.
  • AIOps can reduce the level of effort and improve visibility as configuration items change from the baseline and notifications are automated.
  • Changes can be checked against requests for changes through automated reconciliations, but changes will still need to be investigated where they do not meet expectations.
  • Manual data changes will need to be made regularly and verified.

"We found that everyone wanted information from the CMDB, but no one wanted to pay to maintain it. People pointed to the configuration management team and said, 'It's their responsibility.'

Configuration managers, however, cannot own the data because they have no way of knowing if the data is accurate. They can own the processes related to checking accuracy, but not the data itself."
– Tim Mason, founding director at TRM Associates
(Excerpt from Viewpoint: Focus on CMDB Leadership)

Include these roles in your CMDB practice to ensure continued success and continual improvement

These roles can make up the configuration control board (CCB) to make decisions on major changes to services, data models, processes, or policies. A CCB will be necessary in complex environments.

Configuration Manager

This role is focused on ensuring everyone works together to build the CMDB and keep it up to date. The configuration manager is responsible to:

  • Plan and manage the standards, processes, and procedures and communicate all updates to appropriate staff. Focused on continual improvement.
  • Plan and manage population of the CMDB and ensure data included meets criteria for cost effectiveness and reasonable effort for the value it brings.
  • Validate scope of services and CIs to be included and controlled within the CMDB and manage exceptions.
  • Audit data quality to ensure it is valid, is current, and meets defined standards.
  • Evaluate and recommend tools to support processes, data collection, and integrations.
  • Ensure configuration management processes interface with all other service and business management functions to meet use cases.
  • Report on configuration management performance and take appropriate action on process adherence and quality issues.

Configuration Librarian

This role is most important where manual data entry is prevalent and where many nonstandard configurations are in place. The librarian role is often held by the tool administrator. The librarian focuses specifically on data within the CMDB, including:

  • Manual updates to configuration data.
  • CMDB data verification on a regular schedule.
  • Processing ad hoc requests for data.

Product/Service/Technical Owners

The product or technical owner will validate information is correctly updating and reflects the existing data requirements as new systems are provisioned or as existing systems change.

Interfacing Practice Owners

All practice owners, such as change manager, incident manager, or problem manager, must work with the configuration team to ensure data is usable for each of the use cases they are responsible for.

Download the Configuration Manager job description

Assign configuration management responsibilities and accountabilities

Align authority and accountability.

  • A RACI exercise will help you discuss and document accountability and responsibility for critical configuration management activities.
  • When responsibility and accountability are not well documented, it's often useful to invite a representative of the roles identified to participate in this alignment exercise. The discussion can uncover contrasting views on responsibility and governance, which can help you build a stronger management and governance model.
  • The RACI chart can help you identify who should be involved when making changes to a given activity. Clarify the variety of responsibilities assigned to each key role.
  • In the future, you may need to define roles in more detail as you change your configuration management procedures.

Responsible: The person who actually gets the job done.
Different roles may be responsible for different aspects of the activity relevant to their role.

Accountable: The one role accountable for the activity (in terms of completion, quality, cost, etc.)
Must have sufficient authority to be held accountable; responsible roles are often accountable to this role.

Consulted: Those who need the opportunity to provide meaningful input at certain points in the activity; typically, subject matter experts or stakeholders. The more people you must consult, the more overhead and time you'll add to a process.

Informed: Those who receive information regarding the task but do not need to provide feedback.
Information might relate to process execution, changes, or quality.

Complete a RACI chart to define who will be accountable and responsible for configuration tasks

Determine what roles will be in place in your organization and who will fulfill them, and create your RACI chart to reflect what makes sense for your organization. Additional roles may be involved where there is complexity.

R = responsible, A = accountable, C = consulted, I = informed CCB Configuration Manager Configuration Librarian Technical Owner(s) Interfacing Practice Owners Tool Administrator
Plan and manage the standards, processes, and procedures and communicate all updates to appropriate staff. Focused on continual improvement. A R
Plan and manage population of the CMDB and ensure data included meets criteria for cost effectiveness and reasonable effort for the value it brings. A R
Validate scope of services and CIs to be included and controlled within the CMDB and manage exceptions. A R
Audit data quality to ensure it is valid, is current, and meets defined standards. A,R
Evaluate and recommend tools to support processes, data collection, and integrations. A,R
Ensure configuration management processes interface with all other service and business management functions to meet use cases. A
Report on configuration management performance and take appropriate action on process adherence and quality issues. A
Make manual updates to configuration data. A
Conduct CMDB data verification on a regular schedule. A
Process ad hoc requests for data. A
Enter new systems into the CMDB. A R
Update CMDB as systems change. A R
Identify new use cases for CMDB data. R A
Validate data meets the needs for use cases and quality. R A
Design reports to meet use cases. R
Ensure integrations are configured as designed and are functional. R

1.2.2 Complete a RACI chart to define who will be accountable and responsible for configuration tasks

Allot 60 minutes for this discussion.

  1. Open the Configuration Management Standard Operating Procedures, section 4.1: Responsibility Matrix. In the RACI chart, review the top row of roles. Smaller organizations may not need a configuration control board, in which case the configuration manager may have more authority.
  2. Modify or expand the process tasks in the left column as needed.
  3. For each role, identify what that person is responsible for, accountable for, consulted on, or informed of. Fill out each column.
  4. Document in the SOP. Schedule a time to share the results with organization leads.
  5. Distribute the chart among all teams in your organization.
  6. Describe additional roles as needed in the documentation.
  7. Add accountabilities and responsibilities for the CCB into the Configuration Control Board Charter.
  8. If appropriate, add auxiliary roles to the Configuration Management Standard Operating Procedures, section 4.2: Configuration Management Auxiliary Role Definitions.

Notes:

  1. Assign one Accountable for each task.
  2. Have one or more Responsible for each task.
  3. Avoid generic responsibilities such as "team meetings."
  4. Keep your RACI definitions in your documents for quick reference.

Refer back to the RACI chart when building out the communications plan to ensure accountable and responsible team members are on board and consulted and informed people are aware of all changes.

Input

Output

  • Task assignments
  • RACI chart with roles and responsibilities
MaterialsParticipants
  • Configuration Management Standard Operating Procedures, RACI chart
  • Configuration Control Board Charter, Responsibilities section
  • IT service owners
  • Practice owners and managers
  • SCM practice manager
  • SCM project sponsor

Phase 2

Configuration Management Data Model

StrategyData StructureProcessesRoadmap
  • Challenges and Goals
  • Use Cases and Data
  • Roles and Responsibilities
  • Services
  • Classifications
  • Data Modeling
  • Lifecycle Processes
  • Baselines
  • Audit and Data Validation
  • Metrics
  • Communications Plan
  • Roadmap

This phase will walk you through the following aspects of a configuration management system:

  • Data Model
  • Customer-Facing and Supporting Services
  • Business Capabilities
  • Relationships
  • IT Infrastructure Components
  • Enterprise Software
  • End-User Devices
  • Documents

This phase involves the following participants:

  • IT service owners
  • Enterprise architects
  • Practice owners and managers
  • CM practice manager
  • CM project manager

Step 2.1

Build a framework for CIs and relationships

Activities

Document services:

2.1.1 Define and prioritize your services

2.1.2 Test configuration items against existing categories

2.1.3 Create a configuration control board charter to define the board's responsibilities and protocols

This step will walk you through the following aspects of a configuration management system:

  • Data model
  • Configuration items
  • Relationships

This phase involves the following participants:

  • IT service owners
  • Enterprise architects
  • Practice owners and managers
  • CM practice manager
  • Project manager

Making sense of data daily will be key to maintaining it, starting with services

As CIs are discovered and mapped, they will automatically map to each other based on integrations, APIs, queries, and transactions. However, CIs also need to be mapped to a conceptional model or service to present the service and its many layers in an easily consumable way.

These services will need to be manually created or imported into the CMDB and manually connected to the application services. Services can be mapped to technical or business services or both.

If business services reporting has been requested, talk to the business to develop a list of services that will be required. Use terms the business will be expecting and identify which applications and instances will be mapped to those services.

If IT is using the CMDB to support service usage and reporting, develop the list of IT services and identify which applications and instances will be mapped to those services.

This image show the relationship between Discoverable and Nondiscoverable CIs. The discoverable CIs are coloured in purple, and the nondiscoverables are blue.

Work with your stakeholders to ensure catalog items make sense to them

There isn't a definitive right or wrong way to define catalog items. For example, the business and IT could both reference application servers, but only IT may need to see technical services broken down by specific locations or device types.

Refer back to your goals and use cases to think through how best to meet those objectives and determine how to categorize your services.

Define the services that will be the top-level, nondiscoverable services, which will group together the CIs that make up the complete service. Identify which application(s) will connect into the technical service.

When you are ready to start discovery, this list of services will be connected to the discovered data to organize it in a way that makes sense for how your stakeholders need to see the data.

While working toward meeting the goals of the first few use cases, you will want to keep the structure simple. Once processes are in place and data is regularly validated, complexities of different service types and names can be integrated into the data.

This image show the relationship between Discoverable and Nondiscoverable CIs. Both Discoverable and nondiscoverable CIs are blue.

Application Service(blue); Technical Service(Purple); IT Shared Services(Orange); Billable Services(green); Service Portfolio(red)

Define the service types to manage within the CMDB to logically group CIs

Determine which method of service groupings will best serve your audience for your prioritized use cases. This will help to name your service categories. Service types can be added as the CMDB evolves and as the audience changes.

Application Service

Technical Service

IT Shared Services

Billable Services

Service Portfolio

A set of interconnected applications and hosts configured to offer a service to the organization.

Example: Financial application service, which may include email, web server, application server, databases, and middleware.

A logical grouping of CIs based on common criteria.

Example: Toronto web services, which may include several servers, web applications, and databases.

A logical grouping of IT and business services shared and used across the organization.

Example: VoIP/phone services or networking or security services.

A group of services that will be billed out to departments or customers and would require logical groupings to enable invoicing.

A group of business and technical service offerings with specific performance reporting levels. This may include multiple service levels for different customer audiences for the same service.

2.1.1 Define and prioritize your services

Prioritize your starting point. If multiple audiences need to be accommodated, work with one group at a time.

Timing: will vary depending on number of services, and starting point

  1. Create your list of services, referencing an existing service catalog, business continuity or disaster recovery plan, list of applications, or brainstorming sessions. Use the terminology that makes the most sense for the audience and their reporting requirements.
  2. If this list is already in place, assess for relevance and reduce the list to only those services that will be managed through the CMDB.
  3. Determine what data will be relevant for each service based on the exercises done in 1.1.4 and 1.1.5. For example, if priority was a required attribute for use case data, ensure each service lists the priority of that service.
  4. For each of these, identify the supporting services. These items can come from your technical service catalog or list of systems and software.
  5. Document this table in the Use Cases and Data Worksheet, tab 3: Service Catalog.

Service Record Example

Service: Email
Supporting Services: M365, Authentication Services

Service Attributes

Availability: 24/7 (99.999%)
Priority: Critical
Users: All
Used for: Collaboration
Billable: Departmental
Support: Unified Support Model, Account # 123456789

The CMDB will be organized by services and will enable data analysis through multiple categorization schemes

To extract maximum service management benefit from a CMDB, the highest level of CI type should be a service, as demonstrated below. While it is easier to start at the system or single-asset level, taking the service mapping approach will provide you with a useful and dynamic view of your IT environment as it relates to the services you offer, instead of a static inventory of components.

Level 1: Services

  • Business Service Offering: A business service is an IT service that supports a business process, or a service that is delivered to business customers. Business service offerings typically are bound by service-level agreements.
  • IT Service Offering: An IT service supports the customer's business processes and is made up of people, processes, and technology. IT service offerings typically are bound by service-level agreements.

Level 2: Infrastructure CIs

  • IT Component Set: An IT service offering consists of one of more sets of IT components. An IT component set allows you to group or bundle IT components with other components or groupings.
  • IT Component: An IT system is composed of one or more supporting components. Many components are shared between multiple IT systems.

Level 3: Supporting CIs

  • IT Subcomponent: Any IT asset that is uniquely identifiable and a component of an IT system.
  • IT components can have subcomponents, and those components can have subcomponents, etc.

Two charts, showing Enterprise Architect Model and Configuration Service Model. Each box represents a different CI.

Assess your CMDB's standard category offerings against your environment, with a plan to minimize customization

Standard categorization schemes will allow for easier integration with multiple tools and reporting and improve results if using machine learning to automate categorization. If the CMDB chosen includes structured categories, use that as your starting point and focus only on gaps that are not addressed for CIs unique to your environment.

There is an important distinction between a class and a type. This concept is foundational for your configuration data model, so it is important that you understand it.

  • Types are general groupings, and the things within a type will have similarities. For attributes that you want to collect on a type, all children classes and CIs will have those attribute fields.
  • Classes are a more specific grouping within a type. All objects within a class will have specific similarities. You can also use subclasses to further differentiate between CIs.
  • Individual CIs are individual instances of a class or subclass. All objects in a class will have the same attribute fields and behave the same, although the values of their attributes will likely differ.
  • Attributes may be discovered or nondiscoverable and manually added to CIs. The attributes are properties of the CI such as serial number, version, memory, processor speed, or asset tag.

Use inheritance structures to simplify your configuration data model.

An example CM Data Model is depicted.

Assess the list of classes of configuration items against your requirements

Types are general groupings, and the things within a type will have similarities. Each type will have its own table within the CMDB. Classes within a type are a more specific grouping of configuration items and may include subclasses.

Review your vendor's CMDB documentation. Find the list of CI types or classes. Most CMDBs will have a default set of classes, like this standard list. If you need to build your own, use the table below as a starting point. Define anything required for unique classes. Create a list and consult with your installation partner.

Sample list of classes organized by type

Types Services Network Hardware Storage Compute App Environment Documents
Classes
  • Application Service
  • Technical Service
  • IT Shared Service
  • Billable Service
  • Service Portfolio
  • Switch
  • Router
  • Firewall
  • Modem
  • SD-WAN
  • Load Balancer
  • UPS
  • Computer
  • Laptop
  • Server
  • Tablet
  • Database
  • Network-Attached Storage
  • Storage Array Network
  • Blob
  • Operating System
  • Hypervisor
  • Virtual Server
  • Virtual Desktop
  • Appliance
  • Virtual Application
  • Enterprise Application
  • Line of Business Application Software
  • Development
  • Test
  • Production
  • Contract
  • Business Impact Analysis
  • Requirements

Review relationships to determine which ones will be most appropriate to map your dependencies

Your CMDB should include multiple relationship types. Determine which ones will be most effective for your environment and ensure everyone is trained on how to use them. As CIs are mapped, verify they are correct and only manually map what is incorrect or not mapping through automation.

Manually mapping CMDB relationships may be time consuming and prone to error, but where manual mapping needs to take place, ensure the team has a common view of the dependency types available and what is important to map.

Use automated mapping whenever possible to improve accuracy, provide functional visualizations, and enable dynamic updates as the environment changes.

Where a dependency maps to external providers, determine where it makes sense to discover and map externally provided CIs.

  • Only connect where there is value in mapping to vendor-owned systems.
  • Only connect where data and connections can be trusted and verified.

Most common dependency mapping types

A list of the most common dependency mapping types.

2.1.2 Test configuration items against existing categories

Time to complete: 1-2 hours

  1. Select a service to test.
  2. Identify the various components that make up the service, focusing on configuration items, not attributes
  3. Categorize configuration items against types and classes in the default settings of the CMDB.
  4. Using the default relationships within the CMDB, identify the relationships between the configuration items.
  5. Identify types, classes, and relationships that do not fit within the default settings. Determine if there are common terms for these items or determine most appropriate name.
  6. Validate these exceptions with the publisher.
  7. Document exceptions in the Configuration Management Standard Operating Procedures, Appendix 2: Types and Classes of Configuration Items
Input

Output

  • List of default settings for classes, types, and relationships
  • Small list of services for testing
  • List of CIs to map to at least one service
  • List of categories to add to the CMDB solution.
MaterialsParticipants
  • Use Cases and Data Worksheet
  • Configuration Management Standard Operating Procedures
  • IT service owners
  • Practice owners and managers
  • SCM practice manager
  • SCM project sponsor

2.1.3 Create a configuration control board charter to define the board's responsibilities and protocols

A charter will set the tone for meetings, ensure purpose is defined and meeting cadence is set for regular reviews.

  1. Open the Configuration Control Board Charter. Review the document and modify as appropriate for your CCB. This will include:
    • Purpose and mandate of the committee – Reference objectives from the project charter.
    • Team composition – Determine the right mix of team members. A team of six to ten people can provide a good balance between having a variety of opinions and getting work done.
    • Voting option – Determine the right quorum to approve changes.
    • Responsibilities – List responsibilities, starting with RACI chart items.
    • Authority – Define the control board's span of control.
    • Governing laws and regulations – List any regulatory requirements that will need to be met to satisfy your auditors.
    • Meeting preparation – Set expectations to ensure meetings are productive.
  2. Distribute the charter to CCB members.
Input

Output

  • Project team members
  • Project plan resources
MaterialsParticipants
  • Configuration Control Board Charter
  • IT service owners
  • Practice owners and managers
  • SCM practice manager
  • SCM project sponsor

Assess the default list of statuses for each state

Align this list with your CMDB

Minimize the number of customizations that will make it difficult to update the platform.

  1. Review the default status list within the tool.
  2. Identify which statuses will be most used. Write a definition for each status.
  3. Update this list as you update process documentation in Step 3.1. After initial implementation, this list should only be modified through change enablement.
  4. Record this list of statuses in the Configuration Management Standard Operating Procedures, Appendix 4: Statuses
State Status Description
Preparation Ordered Waiting delivery from the vendor
In Planning Being created
Received Vendor has delivered the item, but it is not ready for deployment
Production In Stock Available to be deployed
In Use Deployed
On Loan Deployed to a user on a temporary basis
For Removal Planning to be phased out but still deployed to an end user
Offline In Transit Moving to a new location
Under Maintenance Temporarily offline while a patch or change is applied
Removed Decommissioned Item has been retired and is no longer in production
Disposed Item has been destroyed and we are no longer in possession of it
Lost Item has been lost
Stolen Item has been stolen

Step 2.2

Document statuses, attributes, and data sources

Activities

2.2.1 Follow the packet and map out the in-scope services and data centers

2.2.2 Build data model diagrams

2.2.3 Determine access rights for your data

This step will walk you through the following aspects of a configuration management system:

  • Statuses
  • Attributes for each class of CI

This phase involves the following participants:

  • IT service owners
  • Enterprise architects
  • Practice owners and managers
  • SCM practice manager
  • Project manager

Outcomes of this step

  • Framework for approaching CI statuses
  • Attributes for each class of CI
  • Data sources for those attributes

Service mapping approaches

As you start thinking about dependency mapping, it's important to understand the different methods and how they work, as well as your CMDB's capabilities. These approaches may be all in the same tool, or the tool may only have the top-down options.

Top down, most common

Pattern-based

Most common option, which includes indicators of connections such as code, access rights, scripting, host discovery, and APIs.

Start with pattern-based, then turn on traffic-based for more detail. This combination will provide the most accuracy.

Traffic-based

Map against traffic patterns involving connection rules to get more granular than pattern-based.

Traffic-based can add a lot of overhead with extraneous data, so you may not want to run it continuously.

Tag-based

Primarily used for cloud, containers, and virtual machines and will attach the cloud licenses to their dependent services and any related CIs.

Tags work well with cloud but will not have the same hierarchical view as on-premises dependency mapping.

Machine learning

Machine learning will look for patterns in the traffic-based connections, match CIs to categories and help organize the data.

Machine learning (ML) may not be in every solution, but if you have it, use it. ML will provide many suggestions to make the life of the data manager easier.

Model hierarchy

Automated data mapping will be helpful, but it won't be foolproof. It's critical to understand the data model to validate and map nondiscoverable CIs correctly.

The framework consists of the business, enterprise, application, and implementation layers.

The business layer encodes real-world business concepts via the conceptual model.

The enterprise layer defines all enterprise data assets' details and their relationships.

The application layer defines the data structures as used by a specific application.

The implementation layer defines the data models and artifacts for use by software tools.

An example of Model Hierarchy is depicted.

Learn how to create data models with Info-Tech's blueprint Create and Manage Enterprise Data Models

2.2.1 Follow the packet and map out the in-scope services and data centers

Reference your network topology and architecture diagrams.

Allot 1 hour for this activity.

  1. Start with a single service that is well understood and documented.
  2. Identify the technical components (hardware and applications) that make up the service.
  3. Determine if there is a need to further break down services into logical service groupings. For example, the email service to the right is broken down into authentication and mail flow.
  4. If you don't have a network diagram to follow, create a simple one to identify workflows within the service and components the service uses.
  5. Record the apps and underlying components in the Configuration Management Standard Operating Procedures, Appendix 1: Configuration Data Model Structure.

This information will be used for CM project planning and validating the contents of the CMDB.

an example of a Customer-facing service is shown, for Email sample topology.

Download the Configuration Management Diagram Template Library to see an example.

Build your configuration data model

Rely on out-of-the-box functionality where possible and keep a narrow focus in the early implementation stages.

  1. If you have an enterprise architecture, then your configuration management data model should align with it.
  2. Keep a narrow focus in the early implementation stages. Don't fill up your CMDB until you are ready to validate and fix the data.
  3. Rely on out-of-the-box (OOTB) functionality where possible. If your configuration management database (CMDB) and platform do not have a data model OOTB, then rely on a publicly available data model.
  4. Map your business or IT service offering to the first few layers.

Once this is built out in the system, you can let the automated dependency mapping take over, but you will still need to validate the accuracy of the automated mapping and investigate anything that is incorrect.

Sample Configuration Data Model

Every box represents a CI, and every line represents a relationship

A sample configuration Data model is shown.

Example: Data model and CMDB visualization

Once the data model is entered into the CMDB, it will provide a more dynamic and complex view, including CIs shared with other services.

An example of a Data Model Exercise

CMDB View

An example of a CMDB View of the Data Model Exercise

2.2.2 Build data model diagrams

Visualize the expected CI classes and relationships.

Allot 45 minutes.

  1. Identify the different data model views you need. Use multiple diagrams to keep the information simple to read and understand. Common diagrams include:
    1. Network level: Outline expected CI classes and relationships at the network level.
    2. Application level: Outline the expected components and relationships that make up an application.
    3. Services level: Outline how business capability CIs and service CIs relate to each other and to other types of CIs.
  1. Use boxes to represent CI classes.
  2. Use lines to represent relationships. Include details such as:
    1. Relationship name: Write this name on the arrow.
    2. Direction: Have an arrow point to each child.

Review samples in Configuration Management Diagram Template Library.
Record these diagrams in the Configuration Management Standard Operating Procedures, Appendix 1: Configuration Data Model Structure.

Input

Output

  • List of default settings for classes, types, and relationships
  • Small list of services for testing
  • List of CIs to map to at least one service
  • List of additions of categories to add to the CMDB solution.
MaterialsParticipants
  • Configuration Management Standard Operating Procedures
  • Configuration Management Diagram Template Library
  • IT service owners
  • Practice owners and managers
  • SCM practice manager
  • SCM project sponsor

Download the Configuration Management Diagram Template Library to see examples.

Determine governance for data security, access, and validation

Align CMDB access to the organization's access control policy to maintain authorized and secure access for legitimate staff performing their role.

Data User Type Access Role
Data consumers
  • View-only access
  • Will need to view and use the data but will not need to make modifications to it
  • Service desk
  • Change manager
  • Major incident manager
  • Finance
CMDB owner
  • Read/write access with the ability to update and validate data as needed
  • Configuration manager
Domain owner
  • Read/write access for specific domains
  • Data owner within their domain, which includes validating that data is in the database and that it is correctly categorized.
  • Enterprise architect
  • Application owner
Data provider
  • Read/write access for specific domains
  • Ensures automated data has been added and adds nondiscoverable assets and attributes as needed
  • Server operations
  • Database management
  • Network teams
CMDB administrator
  • View-only access for data
  • Will need to have access for modifying the structure of the product, including adding fields, as determined by the CCB
  • ITSM tool administrator

2.2.3 Determine access rights for your data

Allot 30 minutes for this discussion.

  1. Open the Configuration Management Standard Operating Procedures, section 5: Access Rights.
  2. Review the various roles from an access perspective.
    1. Who needs read-only access?
    2. Who needs read/write access?
    3. Should there be restrictions on who can delete data?
  1. Fill in the chart and communicate this to your CMDB installation vendor or your CMDB administrator.
Input

Output

  • Task assignments
  • Access rights and roles
MaterialsParticipants
  • Configuration Management Standard Operating Procedures
  • IT service owners
  • Practice owners and managers
  • SCM practice manager
  • SCM project sponsor

Phase 3

Configuration Record Updates

StrategyData StructureProcessesRoadmap
  • Challenges and Goals
  • Use Cases and Data
  • Roles and Responsibilities
  • Services
  • Classifications
  • Data Modeling
  • Lifecycle Processes
  • Baselines
  • Audit and Data Validation
  • Metrics
  • Communications Plan
  • Roadmap

This phase will walk you through the following aspects of a configuration management system:

  • ITSM Practices and Workflows
  • Discovery and Dependency Mapping Tools
  • Auditing and Data Validation Practices

This phase involves the following participants:

  • IT service owners
  • Enterprise architects
  • Practice owners and managers
  • SCM practice manager
  • SCM project manager
  • IT audit

Harness Service Configuration Management Superpowers

Step 3.1

Keep CIs and relationships up to date through lifecycle process integrations

Activities

3.1.1 Define processes to bring new services into the CMDB

3.1.2 Determine when each type of CI will be created in the CMDB

3.1.3 Identify when each type of CI will be retired in the CMDB

3.1.4 Record when and how attributes will change

3.1.5 Institute configuration control and configuration baselines

This step will walk you through the following aspects of a configuration management system:

  1. ITSM Practices and Workflows
  2. Discovery and Dependency Mapping Tools

This phase involves the following participants:

  1. IT service owners
  2. Enterprise architects
  3. Practice owners and managers
  4. SCM practice manager
  5. Project manager

Outcomes of this step

  • List of action items for updating interfacing practices and processes
  • Identification of where configuration records will be manually updated

Incorporate CMDB updates into IT operations

Determine which processes will prompt changes to the CMDB data

Onboard new services - Offboard Redundant Services. Onboard new CIs - Offboard Redundant CIs; Maintain CIs - Update Attributes.

Change enablement

Identify which process are involved in each stage of data input, maintenance, and removal to build out a process for each scenario.

Project management

Change enablement

Asset management

Security controls

Project management

Incident management

Deployment management

Change enablement

Asset management

Security controls

Project management

Incident management

Service management

Formalize the process for adding new services to the CMDB

As new services and products are introduced into the environment, you can improve your ability to correctly cost the service, design integrations, and ensure all operational capabilities are in place, such as data backup and business continuity plans.
In addition, attributes such as service-level agreements (SLAs), availability requirements, and product, technical, and business owners should be documented as soon as those new systems are made live.

  • Introduce the technical team and CCB to the product early to ensure the service record is created before deployment and to quickly map the services once they are moved into the production environment.
  • Engage with project managers or business analysts to define the process to include security and technical reviews early.
  • Engage with the security and technical reviewers to start documenting the service as soon as it is approved.
  • Determine which practices will be involved in the creation and approval of new services and formalize the process to streamline entry of the new service, onboarding corresponding CIs and mapping dependencies.

an example of the review and approval process for new service or products is shown.

3.1.1 Define processes to bring new services into the CMDB

Start with the most frequent intake methods, and if needed, use this opportunity to streamline the process.

  1. Discuss the methods for new services to be introduced to the IT environment.
  2. Critique existing methods to assess consistency and identify issues that could prevent the creation of services in the CMDB in a timely manner.
  3. Create a workflow for the existing processes, with an eye to improvement. Identify any changes that will need to be introduced and managed appropriately.
  4. Identify where additional groups may need to be engaged to ensure success. For example, if project managers are not interfacing early with IT, discuss process changes with them.
  5. Discuss the validation process and determine where control points are. Document these on the workflows.
  6. Complete the Configuration Management Standard Operating Procedures, section 8.1: Introduce New Service and Data Model.

Possible intake opportunities:

  • Business-driven project intake process
  • IT-driven project intake process
  • Change enablement reviews
  • Vendor-driven product changes
Input

Output

  • Discussion
  • Intake processes
MaterialsParticipants
  • Configuration Management Standard Operating Procedures
  • Configuration Management Diagram Template Library
  • Configuration control board
  • Configuration manager
  • Project sponsor
  • IT stakeholders

Identify scenarios where CIs are added and removed in the configuration management database

New CIs may be introduced with new services or may be introduced and removed as part of asset refreshes or through service restoration in incident management. Updates may be done by your own services team or a managed services provider.
Determine the various ways the CIs may be changed and test with various CI types.
Review attributes such as SLAs, availability requirements, and product, technical, and business owners to determine if changes are required.

  • Identify what will be updated automatically or manually. Automation could include discovery and dependency mapping or synchronization with AMDB or AIOps tools.
  • Engage with relevant program managers to define and validate processes.
  • Identify control points and review audit requirements.

An example of New or refresh CI from Procurement.

Info-Tech Insight

Data deemed no longer current may be archived or deleted. Retained data may be used for tracing lifecycle changes when troubleshooting or meeting audit obligations. Determine what types of CIs and use cases require archived data to meet data retention policies. If none do, deletion of old data may be appropriate.

3.1.2 Identify when each type of CI will be created in the CMDB

Allot 45 minutes for discussion.

  1. Discuss the various methods for new CIs to be introduced to the IT environment.
  2. Critique existing methods to assess consistency and identify issues that could prevent the creation of CIs in the CMDB in a timely manner.
  3. Create a workflow for the existing processes, with an eye to improvement. Identify any changes that will need to be introduced and managed appropriately.
  4. Identify where additional groups may need to be engaged to ensure success. For example, if project managers are not interfacing early with IT, discuss process changes with them.
  5. Discuss the validation process and determine where control points are. Document these on the workflows.
  6. Complete Configuration Management Standard Operating Procedures, section 8.2: Introduce New Configuration Items to the CMDB

Possible intake opportunities:

  • Business-driven project intake process
  • IT-driven project intake process
  • Change enablement reviews
  • Vendor-driven product changes
  • Incident management
  • Asset management, lifecycle refresh
Input

Output

  • Discussion
  • Retirement processes
MaterialsParticipants
  • Configuration Management Standard Operating Procedures
  • Configuration Management Diagram Template Library
  • Configuration control board
  • Configuration manager
  • Project sponsor
  • IT stakeholders

3.1.3 Identify when each type of CI will be retired in the CMDB

Allot 45 minutes for discussion.

  1. Discuss the various methods for CIs to be removed from the IT environment.
  2. Critique existing methods to assess consistency and identify issues that could prevent the retirement of CIs in the CMDB in a timely manner.
  3. Create a workflow for the existing processes, with an eye to improvement. Identify any changes that will need to be introduced and managed appropriately.
  4. Identify where additional groups may need to be engaged to ensure success. For example, if project managers are not interfacing early with IT, discuss process changes with them.
  5. Discuss the validation process and determine where control points are. Document these on the workflows.
  6. Discuss data retention. How long will retired information need to be archived? What are the potential scenarios where legacy information may be needed for analysis?
  7. Complete the Configuration Management Standard Operating Procedures, section 8.4: Retire and Archive Configuration Records.

Possible retirement scenarios:

  • Change enablement reviews
  • Vendor-driven product changes
  • Incident management
  • Asset management, lifecycle refresh
Input

Output

  • Discussion
  • Intake processes
MaterialsParticipants
  • Configuration Management Standard Operating Procedures
  • Configuration Management Diagram Template Library
  • Configuration control board
  • Configuration manager
  • Project sponsor
  • IT stakeholders

Determine appropriate actions for detecting new or changed CIs through discovery

Automated detection will provide the most efficient way of recording planned changes to CIs as well as detected unplanned changes. Check with the tool to determine what reports or notifications are available for the configuration management process and define what actions will be appropriate.

As new CIs are detected, identify the process by which they should have been introduced into configuration management and compare against those records. If your CMDB can automatically check for documentation, this may be easier. Weekly reporting will allow you to catch changes quickly, and alerts on critical CIs could enable faster remediation, if the tool allows for alerting. AIOps could identify, notify of, and process many changes in a highly dynamic environment.

Type of Change

Impacted Process

Validation

Findings

Actions

Configuration change to networking equipment or software

Change management

Check for request for change

No RFC

Add to CAB agenda, notify technical owner

Configuration change to end-user device or software

Asset management

Check for service ticket

No ticket

Escalate to asset agenda, notify service manager

New assets coming into service

Security incident and event management

Check for SIEM integration

No SIEM integration

Notify security operations team to investigate

The configuration manager may not have authority to act but can inform the process owners of unauthorized changes for further action. Once the notifications are forwarded to the appropriate process owner, the configuration manager will note the escalation and follow up on data corrections as deemed appropriate by the associated process owner.

3.1.4 Record when and how attributes will change

These lists will help with configuration control plans and your implementation roadmap.

  1. List each attribute that will change in that CI type's life.
  2. Write all the times that each attribute will change. Identify:
    1. The name of the workflow, service request, process, or practice that modifies the attribute.
    2. Whether the update is made automatically or manually.
    3. The role or tool that updates the CMDB.
  1. Update the relevant process or procedure documentation. Explicitly identify when the configuration records are updated.

Document these tables in Configuration Management Standard Operation Procedures, Section 8.7: Practices That Modify CIs.

Network Equipment
Attributes

Practices That Modify This Attribute

Status
  • Infra Deployment (updated manually by Network Engineering)
  • Change Enablement (updated manually by CAB or Network Engineering)
Assigned User
  • IT Employee Offboarding or Role Change (updated manually by Network Engineering)
Version
  • Patch Deployment (updated automatically by SolarWinds)
End-User Computers
Attributes
Practices That Modify This Attribute
Status
  • Device Deployment (updated manually by Desktop Support)
  • Device Recovery (updated manually by Desktop Support)
  • Employee Offboarding and Role Change (updated manually by Service Desk)
Assigned User
  • Device Deployment (updated manually by Desktop Support)
  • Device Recovery (updated manually by Desktop Support)
  • Employee Offboarding and Role Change (updated manually by Service Desk)
Version
  • Patch Deployment (updated automatically by ConfigMgr)

Institute configuration control and configuration baselines where appropriate

A baseline enables an assessment of one or more systems against the desired state and is useful for troubleshooting incidents or problems and validating changes and security settings.

Baselines may be used by enterprise architects and system engineers for planning purposes, by developers to test their solution against production copies, by technicians to assess configuration drift that may be causing performance issues, and by change managers to assess and verify the configuration meets the target design.

Configuration baselines are a snapshot of configuration records, displaying attributes and first-level relationships of the CIs. Standard configurations may be integral to the success of automated workflows, deployments, upgrades, and integrations, as well as prevention of security events. Comparing current CIs against their baselines will identify configuration drift, which could cause a variety of incidents. Configuration baselines are updated through change management processes.
Configuration baselines can be used for a variety of use cases:

  • Version control – Management of software and hardware versions, https://dj5l3kginpy6f.cloudfront.net/blueprints/harness-configuration-management-superpowers-phases-1-4/builds, and releases.
  • Access control – Management of access to facilities, storage areas, and the CMS.
  • Deployment control – Take a baseline of CIs before performing a release so you can use this to check against actual deployment.
  • Identify accidental changes Everyone makes mistakes. If someone installs software on the wrong server or accidentally drops a table in a database, the CMS can alert IT of the unauthorized change (if the CI is included in configuration control).

Info-Tech Insight

Determine the appropriate method for evaluating and approving changes to baselines. Delegating this to the CCB every time may reduce agility, depending on volume. Discuss in CCB meetings.

A decision tree for deploying requested changes.

3.1.5 Institute configuration control and configuration baselines where appropriate

Only baseline CIs and relationships that you want to control through change enablement.

  1. Determine criteria for capturing configuration baselines, including CI type, event, or processes.
  2. Identify who will use baselines and how they will use the data. Identify their needs.
  3. Identify CIs that will be out of scope and not have baselines created.
  4. Document requirements in the SOP.
  5. Ensure appropriate team members have training on how to create and capture baselines in the CMDB.
  6. Document in the Configuration Management Standard Operating Procedures, section 8.5: Establish and Maintain Configuration Baselines.
Process Criteria Systems
Change Enablement & Deployment All high-risk changes must have the baseline captured with version number to revert to stable version in the event of an unsuccessful change
  • Servers (physical and virtual)
  • Enterprise software
  • IaaS
  • Data centers
Security Identify when configuration drift may impact risk mitigation strategies
  • Servers (physical and virtual)
  • Enterprise software
  • IaaS
  • Data centers
Input

Output

  • Discussion
  • Baseline configuration guidelines
MaterialsParticipants
  • Configuration Management Standard Operating Procedures
  • Configuration control board
  • Configuration manager
  • Project sponsor
  • IT stakeholders

Step 3.2

Validate data within the CMDB

Activities

3.2.1 Build an audit plan and checklist

This step will walk you through the following aspects of a configuration management system:

  • Data validation and audit

This phase involves the following participants:

  • IT service owners
  • Enterprise architects
  • Practice owners and managers
  • SCM practice manager
  • Project manager
  • IT audit

Outcomes of this step

  • Updates to processes for data validation
  • Plan for auditing and validating the data in the CMDB

Audit and validate the CMDB

Review the performance of the supporting technologies and processes to validate the accuracy of the CMDB.

A screenshot of the CM Audit Plan.

CM Audit Plan

  • CM policies
  • CM processes and procedures
  • Interfacing processes
  • Content within the CMDB

"If the data in your CMDB isn't accurate, then it's worthless. If it's wrong or inaccurate, it's going to drive the wrong decisions. It's going to make IT worse, not better."
– Valence Howden, Research Director, Info-Tech Research Group

Ensure the supporting technology is working properly

Does the information in the database accurately reflect reality?

Perform functional tests during audits and as part of release management practices.

Audit results need to have a clear status of "compliant," "noncompliant," or "compliant with conditions," and conditions need to be noted. The conditions will generally offer a quick win to improve a process, but don't use these audit results to quickly check off something as "done." Ensure the fix is useful and meaningful to the process.
The audit should cover three areas:

  • Process: Are process requirements for the program well documented? Are the processes being followed? If there were updates to the process, were those updates to the process documented and communicated? Has behavior changed to suit those modified processes?
  • Physical: Physical configuration audits (PCAs) are audits conducted to verify that a configuration item, as built, conforms to the technical documentation that defines and describes it.
  • Functional: Functional configuration audits (FCAs) are audits conducted to verify that the development of a configuration item has been completed satisfactorily, the item has achieved the functional attributes specified in the functional or allocated baseline, and its technical documentation is complete and satisfactory.

Build auditing and validation of processes whenever possible

When technicians and analysts are working on a system, they should check to make sure the data about that system is correct. When they're working in the CMDB, they should check that the data they're working with is correct.

More frequent audits, especially in the early days, may help move toward process adoption and resolving data quality issues. If audits are happening more frequently, the audits can include a smaller scope, though it's important to vary each one to ensure many different areas have been audited through the year.

  • Watch for data duplication from multiple discovery tools.
  • Review mapping to ensure all relevant CIs are attached to a product or service.
  • Ensure report data is logical.

Ensure the supporting technology is working properly

Does the information in the database accurately reflect reality?

Perform functional tests during audits and as part of release management practices.

Audit results need to have a clear status of "compliant," "noncompliant," or "compliant with conditions," and conditions need to be noted. The conditions will generally offer a quick win to improve a process, but don't use these audit results to quickly check off something as "done." Ensure the fix is useful and meaningful to the process.
The audit should cover three areas:

  • Process: Are process requirements for the program well documented? Are the processes being followed? If there were updates to the process, were those updates to the process documented and communicated? Has behavior changed to suit those modified processes?
  • Physical: Physical configuration audits (PCAs) are audits conducted to verify that a configuration item, as built, conforms to the technical documentation that defines and describes it.
  • Functional: Functional configuration audits (FCAs) are audits conducted to verify that the development of a configuration item has been completed satisfactorily, the item has achieved the functional attributes specified in the functional or allocated baseline, and its technical documentation is complete and satisfactory.

More frequent audits, especially in the early days, may help move toward process adoption and resolving data quality issues. If audits are happening more frequently, the audits can include a smaller scope, though it's important to vary each one to ensure many different areas have been audited through the year.

  • Watch for data duplication from multiple discovery tools.
  • Review mapping to ensure all relevant CIs are attached to a product or service.
  • Ensure report data is logical.

Identify where processes break down and data is incorrect

Once process stops working, data becomes less accurate and people find workarounds to solve their own data needs.

Data within the CMDB often becomes incorrect or incomplete where human work breaks down

  • Investigate processes that are performed manually, including data entry.
  • Investigate if the process executors are performing these processes uniformly.
  • Determine if there are opportunities to automate or provide additional training.
  • Select a sample of the corresponding data in the CMS. Verify if the data is correct.

Non-CCB personnel may not be completing processes fully or consistently

  • Identify where data in the CMS needs to be updated.
  • Identify whether the process practitioners are uniformly updating the CMS.
  • Discuss options for improving the process and driving consistency for data that will benefit the whole organization.

Ensure that the data entered in the CMDB is correct

  • Confirm that there is no data duplication. Data duplication is very common when there are multiple discovery tools in your environment. Confirm that you have set up your tools properly to avoid duplication.
  • Build a process to respond to baseline divergence when people make changes without following change processes and when updates alter settings.
  • Audit the system for accuracy and completeness.

3.2.1 Build an audit plan and checklist

Use the audit to identify areas where processes are breaking down.

Audits present you with the ability to address these pain points before they have greater negative impact.

  1. Identify which regulatory requirements and/or auditing bodies will be relevant to audit processes or findings.
  2. Determine frequency of practice audits and how they relate to internal audits or external audits.
  3. Determine audit scope, including requirements for data spot checks.
  4. Determine who will be responsible for conducting audits and validate this is consistent with the RACI chart.
  5. Record audit procedures in the Configuration Management Standard Operating Procedures section 8.6: Verify and Review the Quality of Information Through Auditing.
  6. Review the Configuration Management Audit and Validation Checklist and modify to suit your needs.

Download the Configuration Management Audit and Validation Checklist

Input

Output

  • Discussion
  • Baseline configuration guidelines
MaterialsParticipants
  • Configuration Management Standard Operating Procedures
  • Configuration control board
  • Configuration manager
  • Project sponsor
  • IT stakeholders

Phase 4

Service Configuration Roadmap

StrategyData StructureProcessesRoadmap
  • Challenges and Goals
  • Use Cases and Data
  • Roles and Responsibilities
  • Services
  • Classifications
  • Data Modeling
  • Lifecycle Processes
  • Baselines
  • Audit and Data Validation
  • Metrics
  • Communications Plan
  • Roadmap

This phase will walk you through the following aspect of a configuration management system:
Roadmap
This phase involves the following participants:

  • IT service owners
  • Enterprise architects
  • Practice owners and managers
  • SCM practice manager
  • SCM project manager

Harness Service Configuration Management Superpowers

Step 4.1

Define measures of success

Activities

4.1.1 Identify key metrics to define configuration management success
4.1.2 Brainstorm and record desired reports, dashboards, and analytics
4.1.3 Build a configuration management policy

This phase will walk you through the following aspects of a configuration management system:

  • Metrics
  • Policy

This phase involves the following participants:

  • IT service owners
  • Enterprise architects
  • Practice owners and managers
  • SCM practice manager
  • SCM project manager

The value of metrics can be found in IT efficiency increases

When determining metrics for configuration management, be sure to separate metrics needed to gauge configuration management success and those that will use data from the CMDB to provide metrics on the success of other practices.

  • Metrics provide accurate indicators for IT and business decisions.
  • Metrics help you identify IT efficiencies and problems and solve issues before they become more serious.
  • Active metrics tracking makes root cause analysis of issues much easier.
  • Proper application of metrics helps IT services identification and prioritization.
  • Operational risks can be prevented by identifying and implementing metrics.
  • Metrics analysis increases the confidence of the executive team and ensures that IT is working well.

A funnel is shown. The output is IT Performance. The inputs are: Service Desk Metrics; Incident Metrics; Asset Mgmt. Metrics; Release Mgmt. Metrics; Change Mgmt. Metrics; Infra. Metrics

4.1.1 Identify key metrics to define configuration management success

Determine what metrics are specifically related to the practice and how and when metrics will be accessed.

Success factors

Key metrics

Source

Product and service configuration data is relevant

  • Stakeholder satisfaction with data access, accuracy, and usability
  • Stakeholder satisfaction with service configuration management interface, procedures, and reports

Stakeholder discussions

  • Number of bad decisions made due to incorrect or insufficient data
  • Impact of bad decisions made due to incorrect or insufficient data

Process owner discussions

  • Number and impact of data identified as incorrect
  • % of CMDB data verified over the period

CMDB

Cost and effort are continually optimized

  • Effort devoted to service configuration management
  • Cost of tools directly related to the process

Resource management or scheduling

ERP

Progress reporting

  • Communication execution
  • Process
  • Communications and feedback

Communications team and stakeholder discussions

Data – How many products are in the CMDB and are fully and accurately discovered and mapped?

CMDB

Ability to meet milestones on time and with appropriate quality

Project team

Document metrics in the Configuration Management Standard Operating Procedures, section 7: Success Metrics

Use performance metrics to identify areas to improve service management processes using CMDB data

Metrics can indicate a problem with service management processes but cannot provide a clear path to a solution on their own.

  • The biggest challenge is defining and measuring the process and people side of the equation.
  • Expected performance may also need to be compared to actual performance in planning, budgeting, and improvements.
  • The analysis will need to include critical success factors (CSFs), data collection procedures, office routines, engineering practices, and flow diagrams including workflows and key relationships.
  • External benchmarking may also prove useful in identifying how similar organizations are managing aspects of their infrastructure, processing transactions/requests, or staffing. If using external benchmarking for actual process comparisons, clearly defining your internal processes first will make the data collection process smoother and more informative.

Info-Tech Insight

Using a service framework such as ITIL, COBIT, or ISO 20000 may make this job easier, and subscribing to benchmarking partners will provide some of the external data needed for comparison.

4.1.2 Brainstorm and record desired reports, dashboards, and analytics with related practices

The project team will use this list as a starting point

Allot 45 minutes for this discussion.

  1. Create a table for each service or business capability.
    1. Have one column for each way of consuming data: reports, dashboards, and ad hoc analytics.
    2. Have one row for each stakeholder group that will consume the information.
  2. Use the challenges and use cases to brainstorm reports, dashboards, and ad hoc analytic capabilities that each stakeholder group will find useful.
  3. Record these results in your Configuration Management Standard Operating Procedures, section 7: Aligned Processes' Desired Analytical Capabilities.
Stakeholder Groups Reports Dashboards
Change Management
  • CI changes executed without an RFC
  • RFCs grouped by service
  • Potential collisions in upcoming changes
Security
  • Configuration changes that no longer match the baseline
  • New configuration items discovered
Finance
  • Service-based costs
  • Service consumption by department

Download the blueprint Take Control of Infrastructure and Operations Metrics to create a complete metrics program.

Create a configuration management policy and communicate it

Policies are important documents to provide definitive guidelines and clarity around data collection and use, process adherence, and controls.

  • A configuration management policy will apply to IT as the audience, and participants in the program will largely be technical.
  • Business users will benefit from a great configuration management program but will not participate directly.
  • The policy will include objectives and scope, use of data, security and integrity of data, data models and criteria, and baseline configurations.
  • Several governing regulations and practices may intersect with configuration management, such as ITIL, COBIT, and NIST frameworks, as well as change enablement, quality management, asset management, and more.
  • As the policy is written, review processes to ensure policies and processes are aligned. The policy should enable processes, and it may require modifications if it hinders the collection, security, or use of data required to meet proposed use cases.
  • Once the policy is written and approved, ensure all stakeholders understand the importance, context, and repercussions of the policy.

The approvals process is about appropriate oversight of the drafted policies. For example:

  • Do the policies satisfy compliance and regulatory requirements?
  • Do the policies work with the corporate culture?
  • Do the policies address the underlying need?

If the draft is approved:

  • Set the effective date and a review date.
  • Begin communication, training, and implementation.

Employees must know that there are new policies and understand the steps they must take to comply with the policies in their work.

Employees must be able to interpret, understand, and know how to act upon the information they find in the policies.

Employees must be informed on where to get help or ask questions and who to request policy exceptions from.

If the draft is rejected:

  • Acquire feedback and make revisions.
  • Resubmit for approval.

4.1.3 Build a configuration management policy

This policy provides the foundation for configuration control.

Use this template as a starting point.

The Configuration Management Policy provides the foundation for a configuration control board and the use of configuration baselines.
Instructions:

  1. Review and modify the policy statements. Ensure that the policy statements reflect your organization and the expectations you wish to set.
  2. If you don't have a CCB: The specified responsibilities can usually be assigned to either the configuration manager or the governing body for change enablement.
  3. Determine if you should apply this policy beyond SCM. As written, this policy may provide a good starting point for practices such as:
    • Secure baseline configuration management
    • Software configuration management

Two screenshots from the Configuration Management Policy template

Download the Configuration Management Policy template

Step 4.2

Build communications and a roadmap

Activities

4.2.1 Build a communications plan
4.2.2 Identify milestones

This phase will walk you through the following aspects of a configuration management system:

  • Communications plan
  • Roadmap

This phase involves the following participants:

  • IT service owners
  • Enterprise architects
  • Practice owners and managers
  • SCM practice manager
  • SCM project manager

Outcomes of this step

  • Documented expectations around configuration control
  • Roadmap and action items for the SCM project

Do not discount the benefits of a great communications plan as part of change management

Many configuration management projects have failed due to lack of organizational commitment and inadequate communications.

  • Start at the top to ensure stakeholder buy-in by verifying alignment and use cases. Without a committed project sponsor who believes in the value of configuration management, it will be difficult to draw the IT team into the vision.
  • Clearly articulate the vision, strategy, and goals to all stakeholders. Ensure the team understands why these changes are happening, why they are happening now, and what outcomes you hope to achieve.
  • Gain support from technical teams by clearly expressing organizational and departmental benefits – they need to know "what's in it for me."
  • Clearly communicate new responsibilities and obligations and put a feedback process in place to hear concerns, mitigate risk, and act on opportunities for improvement. Be prepared to answer questions as this practice is rolled out.
  • Be consistent in your messaging. Mixed messages can easily derail progress.
  • Communicate to the business how these efforts will benefit the organization.
  • Share documents built in this blueprint or workshop with your technical teams to ensure they have a clear picture of the entire configuration management practice.
  • Share your measures and view of success and communicate wins throughout building the practice.

30%

When people are truly invested in change, it is 30% more likely to stick.
McKinsey

82%

of CEOs identify organizational change management as a priority.
D&B Consulting

6X

Initiatives with excellent change management are six times more likely to meet objectives than those with poor change management.
Prosci

For a more detailed program, see Drive Technology Adoption

Formulate a communications plan to ensure all stakeholders and impacted staff will be aware of the plan

Communication is key to success in process adoption and in identifying potential risks and issues with integration with other processes. Engage as often as needed to get the information you need for the project and for adoption.

Identify Messages

Distinct information that needs to be sent at various times. Think about:

  • Who will be impacted and how.
  • What the goals are for the project/new process.
  • What the audience needs to know about the new process and how they will interface with each business unit.
  • How people can request configuration data.

Identify Audiences

Any person or group who will be the target of the communication. This may include:

  • Project sponsors and stakeholders.
  • IT staff who will be involved in the project.
  • IT staff who will be impacted by the project (i.e. who will benefit from it or have obligations to fulfill because of it).
  • Business sponsors and product owners.

Document and Track

Document messaging, medium, and responsibility, working with the communications team to refine messages before executing.

  • Identify where people can send questions and feedback to ensure they have the information they need to make or accept the changes.
  • Document Q&A and share in a central location.

Determine Timing

Successful communications plans consider timing of various messages:

  • Advanced high-level notice of improvements for those who need to see action.
  • Advanced detailed notice for those who will be impacted by workload.
  • Advanced notice for who will be impacted (i.e. who will benefit from it or have obligations to fulfill because of it) once the project is ready to be transitioned to daily life.

Determine Delivery

Work with your communications team, if you have one, to determine the best medium, such as:

  • Meeting announcement for stakeholders and IT.
  • Newsletter for those less impacted.
  • Intranet announcements: "coming soon!"
  • Demonstrations with vendors or project team.

4.2.1 Build a communications plan

The communications team will use this list as a starting point.

Allot 45 minutes for this discussion.

Identify stakeholders.

  1. Identify everyone who will be affected by the project and by configuration management.

Craft key messages tailored to each stakeholder group.

  1. Identify the key messages that must be communicated to each group.

Finalize the communication plan.

  1. Determine the most appropriate timing for communications with each group to maximize receptivity.
  2. Identify any communication challenges you anticipate and incorporate steps to address them into your communication plan.
  3. Identify multiple methods for getting the messages out (e.g. newsletters, emails, meetings).
  1. Identify how feedback will be collected (i.e. through interviews or surveys) to measure whether the changes were communicated well.
Audience Message Medium Timing Feedback Mechanism
Configuration Management Team Communicate all key processes, procedures, policies, roles, and responsibilities In-person meetings and email communications Weekly meetings Informal feedback during weekly meetings
Input

Output

  • Discussion
  • Rough draft of messaging for communications team
MaterialsParticipants
  • Project plan
  • Configuration manager
  • Project sponsor
  • IT director
  • Communications team

Build a realistic, high-level roadmap including milestones

Break the work into manageable pieces

  1. Plan to have multiple phases with short-, medium-, and long-term goals/timeframes. Building a CMDB is not easy and should be broken into manageable sections.
  2. Set reasonable milestones. For each phase, document goals to define "done" and ensure they're reasonable for the resources you have available. If working with a vendor, include them in your discussions of what's realistic.
  3. Treat the first phase as a pilot. Focus on items you understand well:
    1. Well-understood user-facing and IT services
    2. High-maturity management and governance practices
    3. Trusted data sources
  4. Capture high-value, high-criticality services early. Depending on the complexity of your systems, you may need to split this phase into multiple phases.

Document this table in the Configuration Management Project Charter, section 3.0: Milestones

Timeline/Owner Milestone/Deliverable Details
First four weeks Milestone: Plan defined and validated with ITSM installation vendor Define processes for intake, maintenance, and retirement.
Rebecca Roberts Process documentation written, approved, and ready to communicate Review CI categories

4.2.2 Identify milestones

Build out a high-level view to inform the project plan

Open the Configuration Management Project Charter, section 3: Milestones.
Instructions:

  1. Identify high-level milestones for the implementation of the configuration management program. This may include tool evaluation and implementation, assignment of roles, etc.
  2. Add details to fill out the milestone, keeping to a reasonable level of detail. This may inform vendor discussion or further development of the project plan.
  3. Add target dates to the milestones. Validate they are realistic with the team.
  4. Add notes to the assumptions and constraints section.
  5. Identify risks to the plan.

Two Screenshots from the Configuration Management Project Charter

Download the Configuration Management Project Charter

Workshop Participants

R = Recommended
O = Optional

Participants Day 1 Day 2 Day 3 Day 4
Configuration Management Strategy CMDB Data Structure Processes Communications & Roadmap
Morning Afternoon Morning Afternoon Morning Afternoon Morning Afternoon
Head of IT R O
Project Sponsor R R O O O O O O
Infrastructure, Enterprise Apps Leaders R R O O O O O O
Service Manager R R O O O O O O
Configuration Manager R R R R R R R R
Project Manager R R R R R R R R
Representatives From Network, Compute, Storage, Desktop R R R R R R R R
Enterprise Architecture R R R R O O O O
Owner of Change Management/Change Control/Change Enablement R R R R R R R R
Owner of In-Scope Apps, Use Cases R R R R R R R R
Asset Manager R R R R R R R R

Related Info-Tech Research

Research Contributors and Experts

Thank you to everyone who contributed to this publication

Brett Johnson, Senior Consultant, VMware

Yev Khovrenkov, Senior Consultant, Solvera Solutions

Larry Marks, Reviewer, ISACA New Jersey

Darin Ohde, Director of Service Delivery, GreatAmerica Financial Services

Jim Slick, President/CEO, Slick Cyber Systems

Emily Walker, Sr. Digital Solution Consultant, ServiceNow

Valence Howden, Principal Research Director, Info-Tech Research Group

Allison Kinnaird, Practice Lead, IT Operations, Info-Tech Research Group

Robert Dang, Principal Research Advisor, Security, Info-Tech Research Group

Monica Braun, Research Director, IT Finance, Info-Tech Research Group

Jennifer Perrier, Principal Research Director, IT Finance, Info-Tech Research Group

Plus 13 anonymous contributors

Bibliography

An Introduction to Change Management, Prosci, Nov. 2019.
BAI10 Manage Configuration Audit Program. ISACA, 2014.
Bizo, Daniel, et al, "Uptime Institute Global Data Center Survey 2021." Uptime Institute, 1 Sept. 2021.
Brown, Deborah. "Change Management: Some Statistics." D&B Consulting Inc. May 15, 2014. Accessed June 14, 2016.
Cabinet Office. ITIL Service Transition. The Stationery Office, 2011.
"COBIT 2019: Management and Governance Objectives. ISACA, 2018.
"Configuration Management Assessment." CMStat, n.d. Accessed 5 Oct. 2022.
"Configuration Management Database Foundation." DMTF, 2018. Accessed 1 Feb. 2021.
Configuration Management Using COBIT 5. ISACA, 2013.
"Configuring Service Manager." Product Documentation, Ivanti, 2021. Accessed 9 Feb. 2021.
"Challenges of Implementing configuration management." CMStat, n.d. Accessed 5 Oct. 2022.
"Determining if configuration management and change control are under management control, part 1." CMStat, n.d. Accessed 5 Oct. 2022.
"Determining if configuration management and change control are under management control, part 2." CMStat, n.d. Accessed 5 Oct. 2022.
"Determining if configuration management and change control are under management control, part 3." CMStat, n.d. Accessed 5 Oct. 2022.
"CSDM: The Recipe for Success." Data Content Manager, Qualdatrix Ltd. 2022. Web.
Drogseth, Dennis, et al., 2015, CMDB Systems: Making Change Work in the Age of Cloud and Agile. Morgan Kaufman.
Ewenstein, B, et al. "Changing Change Management." McKinsey & Company, 1 July 2015. Web.
Farrell, Karen. "VIEWPOINT: Focus on CMDB Leadership." BMC Software, 1 May 2006. Web.
"How to Eliminate the No. 1 Cause of Network Downtime." SolarWinds, 4 April 2014. Accessed 9 Feb. 2021.
"ISO 10007:2017: Quality Management -- Guidelines for Configuration Management." International Organization for Standardization, 2019.
"IT Operations Management." Product Documentation, ServiceNow, version Quebec, 2021. Accessed 9 Feb. 2021.
Johnson, Elsbeth. "How to Communicate Clearly During Organizational Change." Harvard Business Review, 13 June 2017. Web.
Kloeckner, K. et al. Transforming the IT Services Lifecycle with AI Technologies. Springer, 2018.
Klosterboer, L. Implementing ITIL Configuration Management. IBM Press, 2008.
Norfolk, D., and S. Lacy. Configuration Management: Expert Guidance for IT Service Managers and Practitioners. BCS Learning & Development Limited, revised ed., Jan. 2014.
Painarkar, Mandaar. "Overview of the Common Data Model." BMC Documentation, 2015. Accessed 1 Feb. 2021.
Powers, Larry, and Ketil Been. "The Value of Organizational Change Management." Boxley Group, 2014. Accessed June 14, 2016.
"Pulse of the Profession: Enabling Organizational Change Throughout Strategic Initiatives." PMI, March 2014. Accessed June 14, 2016.
"Service Configuration Management, ITIL 4 Practice Guide." AXELOS Global Best Practice, 2020
"The Guide to Managing Configuration Drift." UpGuard, 2017.

Optimize the Service Desk With a Shift-Left Strategy

  • Buy Link or Shortcode: {j2store}478|cart{/j2store}
  • member rating overall impact (scale of 10): 9.4/10 Overall Impact
  • member rating average dollars saved: $21,171 Average $ Saved
  • member rating average days saved: 11 Average Days Saved
  • Parent Category Name: Service Desk
  • Parent Category Link: /service-desk
  • Tier 2 and 3 specialists lose time and resources working on tickets instead of more complex projects.
  • The service desk finds themselves resolving the same incidents over and over, wasting manual work on tasks that could be automated.
  • Employees expect modern, consumer-like experiences when they need help; they want to access information and resources from wherever they are and have the tools to solve their problems themselves without waiting for help.

Our Advice

Critical Insight

  • It can be difficult to overcome the mindset that difficult functions need to be escalated. Shift left involves a cultural change to the way the service desk works, and overcoming objections and getting buy-in up front is critical.
  • Many organizations have built a great knowledgebase but fail to see the value of it over time as it becomes overburdened with overlapping and out-of-date information. Knowledge capture, updating, and review must be embedded into your processes if you want to keep the knowledgebase useful.
  • Similarly, the self-service portal is often deployed out of the box with little input from end users and fails to deliver its intended benefits. The portal needs to be designed from the end user’s point of view with the goal of self-resolution if it will serve its purpose of deflecting tickets.

Impact and Result

  • Embrace a shift-left strategy by moving repeatable service desk tasks and requests into lower-cost delivery channels such as self-help tools and automation.
  • Shift work from Tier 2 and 3 support to Tier 1 through good knowledge management practices that empower the first level of support with documented solutions to recurring issues and free up more specialized resources for project work and higher value tasks.
  • Shift knowledge from the service desk to the end user by enabling them to find their own solutions. A well-designed and implemented self-service portal will result in fewer logged tickets to the service desk and empowered, satisfied end users.
  • Shift away manual repetitive work through the use of AI and automation.
  • Successfully shifting this work left can reduce time to resolve, decrease support costs, and increase end-user satisfaction.

Optimize the Service Desk With a Shift-Left Strategy Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to understand why a shift-left strategy can help to optimize your service desk, review Info-Tech's methodology, and understand the four ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Prepare to shift left

Assess whether you’re ready to optimize the service desk with a shift-left strategy, get buy-in for the initiative, and define metrics to measure success.

  • Optimize the Service Desk With a Shift-Left Strategy – Phase 1: Prepare to Shift Left
  • Shift-Left Prerequisites Assessment
  • Shift-Left Strategy
  • Shift-Left Stakeholder Buy-In Presentation

2. Design shift-left model

Build strategy and identify specific opportunities to shift service support left to Level 1 through knowledge sharing and other methods, to the end-user through self-service, and to automation and AI.

  • Optimize the Service Desk With a Shift-Left Strategy – Phase 2: Design Shift Left Model
  • Shift-Left Action Plan
  • Knowledge Management Workflows (Visio)
  • Knowledge Management Workflows (PDF)
  • Self-Service Portal Checklist
  • Self-Service Resolution Workflow (Visio)
  • Self-Service Resolution Workflow (PDF)

3. Implement and communicate

Identify, track, and implement specific shift-left opportunities and document a communications plan to increase adoption.

  • Optimize the Service Desk With a Shift-Left Strategy – Phase 3: Implement & Communicate
  • Incident Management Workflow (Visio)
  • Incident Management Workflow (PDF)
[infographic]

Workshop: Optimize the Service Desk With a Shift-Left Strategy

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Prepare to Shift Left

The Purpose

Define how shift left would apply in your organization, get buy-in for the initiative, and define metrics to measure success.

Key Benefits Achieved

Defined scope and objectives for the shift-left initiative

Buy-in for the program

Metrics to keep the project on track and evaluate success

Activities

1.1 Review current service desk structure

1.2 Discuss challenges

1.3 Review shift-left model and discuss how it would apply in your organization

1.4 Complete the Shift-Left Prerequisites Assessment

1.5 Complete a RACI chart for the project

1.6 Define and document objectives

1.7 Review the stakeholder buy-in presentation

1.8 Document critical success factors

1.9 Define KPIs and metrics

Outputs

Shift-left scope

Completed shift-left prerequisites assessment

RACI chart

Defined objectives

Stakeholder buy-in presentation

Critical success factors

Metrics to measure success

2 Plan to Shift to Level 1

The Purpose

Build strategy and identify specific opportunities to shift service support left to Level 1 through knowledge sharing and other methods.

Key Benefits Achieved

Identified initiatives to shift work to Level 1

Documented knowledge management process workflows and strategy

Activities

2.1 Identify barriers to Level 1 resolution

2.2 Discuss knowledgebase challenges and areas for improvement

2.3 Optimize KB input process

2.4 Optimize KB usage process

2.5 Optimize KB review process

2.6 Discuss and document KCS strategy and roles

2.7 Document knowledge success metrics

2.8 Brainstorm additional methods of increasing FLR

Outputs

KB input workflow

KB usage workflow

KB review workflow

KCS strategy and roles

Knowledge management metrics

Identified opportunities to shift to Level 1

3 Plan to Shift to End User and Automation

The Purpose

Build strategy and identify specific opportunities to shift service support left to the end user through self-service and to automation and AI.

Key Benefits Achieved

Identified initiatives to shift work to self-service and automation

Evaluation of self-service portal and identified opportunities for improvement

Activities

3.1 Review existing self-service portal and discuss vision

3.2 Identify opportunities to improve portal accessibility, UI, and features

3.3 Evaluate the user-facing knowledgebase

3.4 Optimize the ticket intake form

3.5 Document plan to improve, communicate, and evaluate portal

3.6 Map the user experience with a workflow

3.7 Document your AI strategy

3.8 Identify candidates for automation

Outputs

Identified opportunities to improve portal

Improvements to knowledgebase

Improved ticket intake form

Strategy to communicate and measure success of portal

Self-service resolution workflow

Strategy to apply AI and automation

Identified opportunities to shift tasks to automation

4 Build Implementation and Communication Plan

The Purpose

Build an action plan to implement shift left, including a communications strategy.

Key Benefits Achieved

Action plan to track and implement shift-left opportunities

Communications plan to increase adoption

Activities

4.1 Examine process workflows for shift-left opportunities

4.2 Document shift-left-specific responsibilities for each role

4.3 Identify and track shift-left opportunities in the action plan

4.4 Brainstorm objections and responses

4.5 Document communications plan

Outputs

Incident management workflow with shift-left opportunities

Shift left responsibilities for key roles

Shift-left action plan

Objection handling responses

Communications plan

Create and Manage Enterprise Data Models

  • Buy Link or Shortcode: {j2store}340|cart{/j2store}
  • member rating overall impact (scale of 10): 9.2/10 Overall Impact
  • member rating average dollars saved: $7,263 Average $ Saved
  • member rating average days saved: 16 Average Days Saved
  • Parent Category Name: Data Management
  • Parent Category Link: /data-management
  • Business executives don’t understand the value of Conceptual and Logical Data Models and how they define their data assets.
  • Data, like mercury, is difficult to manage and contain.
  • IT needs to justify the time and cost of developing and maintaining Data Models.
  • Data as an asset is only perceived from a physical point of view, and the metadata that provides context and definition is often ignored.

Our Advice

Critical Insight

  • Data Models tell the story of the organization and its data in pictures to be used by a business as a tool to evolve the business capabilities and processes.
  • Data Architecture and Data Modeling have different purposes and should be represented as two distinct processes within the software development lifecycle (SDLC).
  • The Conceptual Model provides a quick win for both business and IT because it can convey abstract business concepts and thereby compartmentalize the problem space.

Impact and Result

  • A Conceptual Model can be used to define the semantics and relationships for your analytical layer.
    • It provides a visual representation of your data in the semantics of business.
    • It acts as the anchor point for all data lineages.
    • It can be used by business users and IT for data warehouse and analytical planning.
    • It provides the taxonomies for data access profiles.
    • It acts as the basis for your Enterprise Logical and Message Models.

Create and Manage Enterprise Data Models Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should create enterprise data models, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Setting the stage

Prepare your environment for data architecture.

  • Enterprise Data Models

2. Revisit your SDLC

Revisit your SDLC to embed data architecture.

  • Enterprise Architecture Tool Selection

3. Develop a Conceptual Model

Create and maintain your Conceptual Data Model via an iterative process.

4. Data Modeling Playbook

View the main deliverable with sample models.

  • Data Modeling Playbook
[infographic]

Workshop: Create and Manage Enterprise Data Models

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Establish the Data Architecture Practice

The Purpose

Understand the context and goals of data architecture in your organization.

Key Benefits Achieved

A foundation for your data architecture practice.

Activities

1.1 Review the business context.

1.2 Obtain business commitment and expectations for data architecture.

1.3 Define data architecture as a discipline, its role, and the deliverables.

1.4 Revisit your SDLC to embed data architecture.

1.5 Modeling tool acquisition if required.

Outputs

Data Architecture vision and mission and governance.

Revised SDLC to include data architecture.

Staffing strategy.

Data Architecture engagement protocol.

Installed modeling tool.

2 Business Architecture and Domain Modeling

The Purpose

Identify the concepts and domains that will inform your data models.

Key Benefits Achieved

Defined concepts for your data models.

Activities

2.1 Revisit business architecture output.

2.2 Business domain selection.

2.3 Identify business concepts.

2.4 Organize and group of business concepts.

2.5 Build the Business Data Glossary.

Outputs

List of defined and documented entities for the selected.

Practice in the use of capability and business process models to identify key data concepts.

Practice the domain modeling process of grouping and defining your bounded contexts.

3 Harvesting Reference Models

The Purpose

Harvest reference models for your data architecture.

Key Benefits Achieved

Reference models selected.

Activities

3.1 Reference model selection.

3.2 Exploring and searching the reference model.

3.3 Harvesting strategies and maintaining linkage.

3.4 Extending the conceptual and logical models.

Outputs

Established and practiced steps to extend the conceptual or logical model from the reference model while maintaining lineage.

4 Harvesting Existing Data Artifacts

The Purpose

Gather more information to create your data models.

Key Benefits Achieved

Remaining steps and materials to build your data models.

Activities

4.1 Use your data inventory to select source models.

4.2 Match semantics.

4.3 Maintain lineage between BDG and existing sources.

4.4 Select and harvest attributes.

4.5 Define modeling standards.

Outputs

List of different methods to reverse engineer existing models.

Practiced steps to extend the logical model from existing models.

Report examples.

5 Next Steps and Wrap-Up (offsite)

The Purpose

Wrap up the workshop and set your data models up for future success.

Key Benefits Achieved

Understanding of functions and processes that will use the data models.

Activities

5.1 Institutionalize data architecture practices, standards, and procedures.

5.2 Exploit and extend the use of the Conceptual model in the organization.

Outputs

Data governance policies, standards, and procedures for data architecture.

List of business function and processes that will utilize the Conceptual model.

COVID-19 Work Status Tracking Guide

  • Buy Link or Shortcode: {j2store}594|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Manage & Coach
  • Parent Category Link: /manage-coach
  • Keeping track of the multiple and frequently changing work arrangements on your team.
  • Ensuring you have a fast and easy way to keep an up-to-date record of where and how employees are working.

Our Advice

Critical Insight

  • During these critical times, keeping track of employees’ work status doesn’t have to be complicated – the right tool is one that does the job.
  • Keeping track of your employees is a health and safety issue – deployed well, it is an aid in keeping the business running and an additional communication channel, not a sign of lack of trust.

Impact and Result

  • An Excel spreadsheet is all you need to ensure you have a way to record work arrangements that can change by the day.
  • An easy-to-use tool means minimal administrative overhead to ensuring you have this critical information at hand.

COVID-19 Work Status Tracking Guide Research & Tools

Start here – read the Work Status Tracking Guide

Read our recommendations and use the accompanying tool to quickly get a handle on your team’s work arrangements.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

  • COVID-19 Work Status Tracking Guide Storyboard
  • COVID-19 Work Status Tracking Tool
[infographic]

Build Your Security Operations Program From the Ground Up

  • Buy Link or Shortcode: {j2store}263|cart{/j2store}
  • member rating overall impact (scale of 10): 9.7/10 Overall Impact
  • member rating average dollars saved: $56,299 Average $ Saved
  • member rating average days saved: 43 Average Days Saved
  • Parent Category Name: Security Processes & Operations
  • Parent Category Link: /security-processes-and-operations
  • Analysts cannot monitor and track events coming from multiple tools because they have no visibility into the threat environment.
  • Incident management takes away time from problem management because processes are ad hoc and the continuous monitoring, collection, and analysis of massive volumes of security event data is responsive rather than tactical.
  • Organizations are struggling to defend against and prevent threats while juggling business, compliance, and consumer obligations.

Our Advice

Critical Insight

  • Security operations is no longer a center but a process. The need for a physical security hub has evolved into the virtual fusion of prevention, detection, analysis, and response efforts. When all four functions operate as a unified process, your organization will be able to proactively combat changes in the threat landscape.
  • Raw data without correlation is a waste of time, money, and effort. A SIEM on its own will not provide this contextualization and needs configuration. Prevention, detection, analysis, and response processes must contextualize threat data and supplement one another – true value will only be realized once all four functions operate as a unified process.
  • If you are not communicating, then you are not secure. Collaboration eliminates siloed decisions by connecting people, processes, and technologies. You leave less room for error, consume fewer resources, and improve operational efficiency with a transparent security operations process.

Impact and Result

  • A centralized security operations process actively transforms security events and threat information into actionable intelligence, driving security prevention, detection, analysis, and response processes that address the increasing sophistication of cyberthreats while guiding continuous improvement.
  • This blueprint will walk through the steps of developing a flexible and systematic security operations program relevant to your organization.

Build Your Security Operations Program From the Ground Up Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should build a security operations program, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Establish your foundation

Determine how to establish the foundation of your security operations.

  • Build Your Security Operations Program From the Ground Up – Phase 1: Establish Your Foundation
  • Information Security Pressure Analysis Tool

2. Assess your current state

Assess the maturity of your prevention, detection, analysis, and response processes.

  • Build Your Security Operations Program From the Ground Up – Phase 2: Assess Your Current State
  • Security Operations Roadmap Tool

3. Design your target state

Design a target state and improve your governance and policy solutions.

  • Build Your Security Operations Program From the Ground Up – Phase 3: Design Your Target State
  • Security Operations Policy

4. Develop an implementation roadmap

Make your case to the board and develop a roadmap for your prioritized security initiatives.

  • Build Your Security Operations Program From the Ground Up – Phase 4: Develop an Implementation Roadmap
  • In-House vs. Outsourcing Decision-Making Tool
  • Security Operations MSSP RFP Template
  • Security Operations Project Charter Template
  • Security Operations RACI Tool
  • Security Operations Metrics Summary Document
[infographic]

Workshop: Build Your Security Operations Program From the Ground Up

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Establish Your Foundation

The Purpose

Identify security obligations and the security operations program’s pressure posture.

Assess current people, process, and technology capabilities.

Determine foundational controls and complete system and asset inventory.

Key Benefits Achieved

Identified the foundational elements needed for planning before a security operations program can be built

Activities

1.1 Define your security obligations and assess your security pressure posture.

1.2 Determine current knowledge and skill gaps.

1.3 Shine a spotlight on services worth monitoring.

1.4 Assess and document your information system environment.

Outputs

Customized security pressure posture

Current knowledge and skills gaps

Log register of essential services

Asset management inventory

2 Assess Current Security Operations Processes

The Purpose

Identify the maturity level of existing security operations program processes.

Key Benefits Achieved

Current maturity assessment of security operations processes

Activities

2.1 Assess the current maturity level of the existing security operations program processes.

Outputs

Current maturity assessment

3 Design a Target State

The Purpose

Design your optimized target state.

Improve your security operations processes with governance and policy solutions.

Identify and prioritize gap initiatives.

Key Benefits Achieved

A comprehensive list of initiatives to reach ideal target state

Optimized security operations with repeatable and standardized policies

Activities

3.1 Complete standardized policy templates.

3.2 Map out your ideal target state.

3.3 Identify gap initiatives.

Outputs

Security operations policies

Gap analysis between current and target states

List of prioritized initiatives

4 Develop an Implementation Roadmap

The Purpose

Formalize project strategy with a project charter.

Determine your sourcing strategy for in-house or outsourced security operations processes.

Assign responsibilities and complete an implementation roadmap.

Key Benefits Achieved

An overarching and documented strategy and vision for your security operations

A thorough rationale for in-house or outsourced security operations processes

Assigned and documented responsibilities for key projects

Activities

4.1 Complete a security operations project charter.

4.2 Determine in-house vs. outsourcing rationale.

4.3 Identify dependencies of your initiatives and prioritize initiatives in phases of implementation.

4.4 Complete a security operations roadmap.

Outputs

Security operations project charter

In-house vs. outsourcing rationale

Initiatives organized according to phases of development

Planned and achievable security operations roadmap

Sustain and Grow the Maturity of Innovation in Your Enterprise

  • Buy Link or Shortcode: {j2store}91|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Innovation
  • Parent Category Link: /innovation
  • Customers are not waiting – they are insisting on change now. The recent litany of business failures and the ongoing demand for improved services means that “not in my backyard” will mean no backyard.
  • Positive innovation is about achieving tomorrow’s success today, where everyone is a leader and ideas and people can flourish – in every sector.

Our Advice

Critical Insight

  • Many innovation programs are not delivering value at a time when change is constant and is impacting both public and private sector organizations.
  • Organizations are not well-positioned in terms of leadership skills to advance their innovation programs.
  • Unlock your innovation potential by looking at your innovation projects on both a macro and micro level.
  • Innovation capacity is directly linked with creativity; allow your employees' creativity to flourish using Info-Tech’s positive innovation techniques.
  • Innovations need to be re-harvested each year in order to maximize your return on investment.

Impact and Result

  • From an opportunity perspective, create an effective innovation program that spawns more innovations, realizes benefits from existing assets not fully being leveraged, and lays the groundwork for enhanced products and services.
  • This complementary toolkit and method (to existing blueprints/research) guides you to assess the “aspiration level” of innovations and the innovation program, assess the resources/capabilities that an entity has to date employed in its innovation program, and position IT for success to achieve the strategic objectives of the enterprise.

Sustain and Grow the Maturity of Innovation in Your Enterprise Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should formalize processes to improve your innovation program, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Scope and define

Understand your current innovation capabilities and create a mandate for the future of your innovation program.

  • Sustain and Grow the Maturity of Innovation in Your Enterprise – Phase 1: Scope and Define
  • Innovation Program Mandate and Terms of Reference Template
  • Innovation Program Overview Presentation Template
  • Innovation Assessment Tool

2. Assess and aspire

Assess opportunities for your innovation program on a personnel and project level, and provide direction on how to improve along these dimensions.

  • Sustain and Grow the Maturity of Innovation in Your Enterprise – Phase 2: Assess and Aspire
  • Appreciative Inquiry Questionnaire

3. Implement and inspire

Formalize the innovation improvements you identified earlier in the blueprint by mapping them to your IT strategy.

  • Sustain and Grow the Maturity of Innovation in Your Enterprise – Phase 3: Implement and Inspire
  • Innovation Planning Tool
[infographic]

Workshop: Sustain and Grow the Maturity of Innovation in Your Enterprise

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Pre-Work

The Purpose

Gather data that will be analyzed in the workshop.

Key Benefits Achieved

Information gathered with which analysis can be performed.

Activities

1.1 Do an inventory of innovations/prototypes underway.

1.2 High-level overview of all existing project charters, and documentation of innovation program.

1.3 Poll working group or key stakeholders in regards to scope of innovation program.

Outputs

Up-to-date inventory of innovations/prototypes

Document review of innovation program and its results to date

Draft scope of the innovation program and understanding of the timelines

2 Scope and Define

The Purpose

Scope the innovation program and gain buy-in from major stakeholders.

Key Benefits Achieved

Buy-in from IT steering committee for innovation program improvements.

Activities

2.1 Establish or re-affirm values for the program.

2.2 Run an initial assessment of the organization’s innovation potential (macro level).

2.3 Set/reaffirm scope and budget for the program.

2.4 Define or refine goals and outcomes for the program.

2.5 Confirm/re-confirm risk tolerance of organization.

2.6 Update/document innovation program.

2.7 Create presentation to gain support from the IT steering committee.

Outputs

Innovation program and terms of reference

Presentation on organization innovation program for IT steering committee

3 Assess and Aspire

The Purpose

Analyze the current performance of the innovation program and identify areas for improvement.

Key Benefits Achieved

Identify actionable items that can be undertaken in order to improve the performance of the innovation program.

Activities

3.1 Assess your level of innovation per innovation project (micro level).

3.2 Update the risk tolerance level of the program.

3.3 Determine if your blend of innovation projects is ideal.

3.4 Re-prioritize your innovation projects (if needed).

3.5 Plan update to IT steering committee.

3.6 Assess positive innovation assessment of team.

3.7 Opportunity analysis of innovation program and team.

Outputs

Positive innovation assessment

Re-prioritized innovation projects

Updated presentation for IT steering committee

4 Implement and Inspire

The Purpose

Formalize the innovation program by tying it into the IT strategy.

Key Benefits Achieved

A formalized innovation program that is closely tied to the IT strategy.

Activities

4.1 Update business context in terms of impact on IT implications.

4.2 Update IT strategy in terms of impact and benefits of innovation program.

4.3 Update/create innovation program implementation plan.

4.4 Plan update for IT steering committee.

Outputs

Updated business context

Updated IT strategy

Innovation implementation plan, including roadmap

Updated presentation given to IT steering committee

The Accessibility Business Case for IT

  • Buy Link or Shortcode: {j2store}519|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Lead
  • Parent Category Link: /lead
  • Laws requiring digital accessibility are changing and differ by location.
  • You need to make sure your digital assets, products, and services (internal and external) are accessible to everyone, but getting buy-in is difficult.
  • You may not know where your gaps in understanding are because conventional thinking is driven by compliance and risk mitigation.

Our Advice

Critical Insight

  • The longer you put off accessibility, the more tech debt you accumulate and the more you risk losing access to new and existing markets. The longer you wait to adopt standards and best practices, the more interest you’ll accumulate on accessibility barriers and costs for remediation.
  • Implementing accessibility feels counterintuitive to IT departments. IT always wants to optimize and move forward, but with accessibility you may stay at one level for what feels like an uncomfortably long period. Don’t worry; building consistency and shifting culture takes time.
  • Accessibility goes beyond compliance, which should be an outcome, not the objective. With 1 billion people worldwide with some form of disability, nearly everyone likely has a connection to disability, whether it be in themselves, family, or colleagues. The market of people with disabilities has a spending power of more than $6 trillion (WAI, 2018).

Impact and Result

  • Take away the overwhelm that many feel when they hear “accessibility” and make the steps for your organization approachable.
  • Clearly communicate why accessibility is critical and how it supports the organization’s key objectives and initiatives.
  • Understand your current state related to accessibility and identify areas for key initiatives to become part of the IT strategic roadmap.

The Accessibility Business Case for IT Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. The Accessibility Business Case for IT – Clearly communicate why accessibility is critical and how it supports the organization’s key objectives and initiatives.

A step-by-step approach to walk you through understanding your current state related to accessibility maturity, identifying your desired future state, and building your business case to seek buy-in. This storyboard will help you figure out what’s right for your organization and build the accessibility business case for IT.

  • The Accessibility Business Case for IT – Phases 1-3

2. Accessibility Business Case Template – A clear, concise, and compelling business case template to communicate the criticality of accessibility.

The business case for accessibility is strong. Use this template to communicate to senior leaders the benefits, challenges, and risks of inaction.

  • Accessibility Business Case Template

3. Accessibility Maturity Assessment – A structured tool to help you identify your current accessibility maturity level and identify opportunities to ensure progress.

This tool uses a capability maturity model framework to evaluate your current state of accessibility. Maturity level is assessed on three interconnected aspects (people, process, and technology) across six dimensions proven to impact accessibility. Complete the assessment to get recommendations based on where you’re at.

  • Accessibility Maturity Assessment

Infographic

Further reading

The Accessibility Business Case for IT

Accessibility goes beyond compliance

Analyst Perspective

Avoid tech debt related to accessibility barriers

Accessibility is important for individuals, businesses, and society. Diverse populations need diverse access, and it’s essential to provide access and opportunity to everyone, including people with diverse abilities. In fact, access to information and communications technologies (ICT) is a basic human right according to the United Nations.

The benefits of ICT accessibility go beyond compliance. Many innovations that we use in everyday life, such as voice activation, began as accessibility initiatives and ended up creating a better lived experience for everyone. Accessibility can improve user experience and satisfaction, and it can enhance your brand, drive innovation, and extend your market reach (WAI, 2022).

Although your organization might be required by law to ensure accessibility, understanding your users’ needs and incorporating them into your processes early will determine success beyond just compliance.

Heather Leier-Murray, Senior Research Analyst, People and Leadership

Heather Leier-Murray
Senior Research Analyst, People and Leadership
Info-Tech Research Group

Executive Summary

Your Challenge Common Obstacles Info-Tech’s Approach

Global IT and business leaders are challenged to make digital products and services accessible because inaccessibility comes with increasing risk to brand reputation, legal ramifications, and constrained market reach.

  • Laws requiring digital accessibility are changing and differ by location.
  • You need to make sure your digital assets, products, and services (internal and external) are accessible to everyone.
  • The cost of inaction is rising.

Understanding where to start, where accessibility lives, and if or when you’re done can be overwhelmingly difficult.

  • Executive leadership buy-in is difficult to get.
  • Conventional thinking is driven by compliance and risk mitigation.
  • You don’t know where your gaps in understanding are.

Conventional approaches to accessibility often fail because users are expected to do the hard work. You have to be doing 80% of the hard work.1

Use Info-Tech’s research and resources to do what’s right for your organization. This framework takes away the overwhelm that many feel when they hear “accessibility” and makes the steps for your organization approachable.

  • Clearly communicate why accessibility is critical and how it supports the organization’s key objectives and initiatives.
  • Understand your current state related to accessibility and identify areas for key initiatives to become part of the IT strategic roadmap.

1. Harvard Business Review, 2021

Info-Tech Insight
The longer you put off accessibility, the more tech debt you accumulate and the more you risk losing access to new and existing markets. The longer you wait to adopt standards and best practices, the more interest you’ll accumulate on accessibility barriers and costs for remediation.

Your challenge

This research is designed to help organizations who are looking to:

  • Build a business case for accessibility.
  • Ensure that digital assets, products, and services are accessible to everyone, internally and externally.
  • Support staff and build skills to support the organization with accessibility and accommodation.
  • Get assistance figuring out where to start on the road to accessibility compliance and beyond.

The cost of inaction related to accessibility is rising. Preparing for accessibility earlier helps prevent tech debt; the longer you wait to address your accessibility obligations, the more costly it gets.

More than 3,500 digital accessibility lawsuits were filed in the US in 2020, up more than 50% from 2018.

Source: UsableNet. Inc.

Common obstacles

These barriers make accessibility difficult to address for many organizations:

  • You don’t know where your gaps in understanding are. Recognizing the importance of accessibility and how it fits into the bigger picture is key to developing buy-in.
  • Too often organizations focus on mitigating risk by being compliance driven. Shifting focus to the user experience, internally and externally, will realize better results.
  • Conventional approaches to accessibility often fail because the expectation is for users to do the hard work. One in five people have a permanent disability, but it’s likely everyone will be faced with some sort of disability at some point in their lives.1 Your organization has to be doing at least 80% of the hard work.2
  • Other types of compliance reside clearly with one area of the organization. Accessibility, however, has many homes: IT, user experience (UX), customer experience (CX), and even HR.

1. Smashing Magazine

2. Harvard Business Review, 2021

90% of companies claim to prioritize diversity.

Source: Harvard Business Review, 2020

Only 4% of those that claim to prioritize diversity consider disability in those initiatives.

Source: Harvard Business Review, 2020

The four principles of accessibility

WCAG (Web Content Accessibility Guidelines) identifies four principles of accessibility. WCAG is the most referenced standard in website accessibility lawsuits.

The four principles of accessibility

Source: eSSENTIAL Accessibility, 2022

Why organizations address accessibility

Top three reasons:

61% 62% 78%
To comply with laws To provide the best UX To include people with disabilities

Source: Level Access

Still, most businesses aren’t meeting compliance standards. Even though legislation has been in place for over 30 years, a 2022 study by WebAIM of 1,000,000 homepages returned a 96.8% WCAG 2.0 failure rate.

Source: Institute for Disability Research, Policy, and Practice

How organizations prioritize digital accessibility

43% rated it as a top priority.

36% rated it as important.

Fewer than 5% rated as either low priority or not even on the radar.

More than 65% agreed or strongly agreed it’s a higher priority than last year.

Source: Angel Business Communications

Organizations expect consumers to do more online

The pandemic led to many businesses going digital and more people doing things online.

Chart of activities performed more often compared to before COVID-19

Chart of activities performed for the first time during COVID-19

Source: Statistics Canada

Disability is part of being human

Merriam-Webster defines disability as a “physical, mental, cognitive, or developmental condition that impairs, interferes with, or limits a person’s ability to engage in certain tasks or actions or participate in typical daily activities and interactions.”1

The World Health Organization (WHO) points out that a crucial part of the definition of disability is that it’s not just a health problem, but the environment impacts the experience and extent of disability. Inaccessibility creates barriers for full participation in society.2

The likelihood of you experiencing a disability at some point in your life is very high, whether a physical or mental disability, seen or unseen, temporary or permanent, severe or mild.2

Many people acquire disabilities as they age yet may not identify as “a person with a disability.”3 Where life expectancies are over 70 years of age, 11.5% of life is spent living with a disability. 4

“Extreme personalization is becoming the primary difference in business success, and everyone wants to be a stakeholder in a company that provides processes, products, and services to employees and customers with equitable, person-centered experiences and allows for full participation where no one is left out.”
– Paudie Healy, CEO, Universal Access

1. Merriam-Webster
2. World Health Organization
3. Digital Leaders, as cited in WAI, 2018
4. Disabled World, as cited in WAI, 2018

Untapped talent resource

Common myths about people with disabilities:

  • They can’t work.
  • They need more time off or are absent more often.
  • Only basic, unskilled work is appropriate for them.
  • Their productivity is lower than that of coworkers.
  • They cost more to recruit, train, and employ.
  • They decrease others’ productivity.
  • They’re not eligible for governmental financial incentives (e.g. apprentices).
  • They don’t fit in.

These assumptions prevent organizations from hiring valuable people into the workforce and retaining them.

Source: Forbes

50% to 70% of people with disabilities are unemployed in industrialized countries. In the US alone, 61 million adults have a disability.

Source: United Nations, as cited in Forbes

Thought Model

Info-Tech’s methodology for the accessibility business case for IT

1. Understand Current State 2. Plan for Buy-in 3. Prepare Your Business Case
Phase Steps
  1. Understand standards and legislation
  2. Build awareness
  3. Understand current accessibility maturity level Define desired future state
  1. Define desired future state
  2. Define goals and objectives
  3. Document roles and responsibilities
  1. Customize and populate the Accessibility Business Case Template and gain approval
  2. Validate post-approval steps and establish timelines
Phase Outcomes
  • Accessibility maturity assessment
  • Accessibility drivers determined
  • Goals defined
  • Objectives identified
  • Roles and responsibilities documented
  • Business case drafted
  • Approval to move forward with implementing your accessibility program
  • Next steps and timelines

Insight Summary

Insight 1 The longer you put off accessibility, the more tech debt you accumulate and the more you risk losing access to new and existing markets. The longer you wait to adopt standards and best practices, the more interest you’ll accumulate on accessibility barriers and costs for remediation.
Insight 2 Implementing accessibility feels counterintuitive to IT departments. IT always wants to optimize and move forward, but with accessibility you may stay at one level for what feels like an uncomfortably long period. Don’t worry; building consistency and shifting culture takes time.
Insight 3 Accessibility goes beyond compliance, which should be an outcome, not the objective. With 1 billion people worldwide with some form of disability, nearly everyone likely has a connection to disability, whether it be in themselves, family, or colleagues. The market of people with disabilities has a spending power of more than $6 trillion.1

1. WAI, 2018

Blueprint deliverables

This blueprint is accompanied by supporting deliverables to help you accomplish your goals.

Accessibility Business Case Template

The business case for accessibility is strong. Use this template to communicate to senior leaders the benefits and challenges of accessibility and the risks of inaction.

Accessibility Maturity Assessment

Use this assessment to understand your current accessibility maturity.

Blueprint benefits

Business Benefits IT Benefits
  • Don’t lose out on a 6-trillion-dollar market.
  • Don’t miss opportunities to work with organizations because you’re not accessible.
  • Enable and empower current employees with disabilities.
  • Minimize potential for negative brand reputation due to a lack of consideration for people with disabilities.
  • Decrease the risk of legal action being brought upon the organization.
  • Understand accessibility and know your role in it for your organization and your team members.
  • Be prepared and able to provide the user experience you want.
  • Decrease tech debt – start early to ensure accessibility for everyone.
  • Access an untapped labor market.
  • Mitigate IT retention challenges.

Measure the value of this blueprint

Improve stakeholder satisfaction and engagement

  • Tracking measures to understand the value of this blueprint is a critical part of the process.
  • Monitor employee engagement, overall stakeholder satisfaction with IT, and the overall end-customer satisfaction.
  • Remember, accessibility is not a one-and-done project – just because measures are positive does not mean your work is done.

In phase 2 of this blueprint, we will help you establish current-state and target-state metrics for your organization.

Suggested Metrics
Overall end-customer satisfaction
Monies saved through cost optimization efforts
Employee engagement
Monies save through application rationalization and standardization

For more metrics ideas, see the Info-Tech IT Metrics Library.

Executive Brief Case Study

INDUSTRY
Technology

SOURCE
W3C Web Accessibility Initiative (WAI), 2018

Google

Investing in accessibility
With an innovative edge, Google invests in accessibility with the objective of making life easier for everyone. Google has created a broad array of accessibility innovations in its products and services so that people with disabilities get as much out of them as anyone else.

Part of Google’s core mission, accessibility means more to Google than implementing fixes. It is viewed positively by the organization and drives it to be more innovative to make information available to everyone. Google approaches accessibility problems not as barriers but as ways to innovate and discover breakthroughs that will become mainstream in the future.

Results
Among Google’s innovations are contrast minimums, auto-complete, voice-control, AI advances, and machine learning auto-captioning. All of these were created for accessibility purposes but have positively impacted the user experience in general for Google.

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit Guided Implementation Workshop Consulting
"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

Diagnostics and consistent frameworks are used throughout all four options.

Guided Implementation

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

A typical GI is 4 to 6 calls over the course of 2 to 4 months.

What does a typical GI on this topic look like?

Phase 1 Phase 2 Phase 3

Call #1: Discuss motivation for the initiative and foundational knowledge requirements.

Call #2: Discuss next steps to assess current accessibility maturity.

Call #3: Discuss stakeholder engagement and future-state analysis.

Call #4: Discuss defining goals and objectives, along with roles and responsibilities.

Call #5: Review draft business case presentation.

Call #6: Discuss post-approval steps and timelines.

Phase 1

Understand Your Current State

Phase 1
1.1 Understand standards and legislation
1.2 Build awareness
1.3 Understand maturity level

Phase 2
2.1 Define desired future state
2.2 Define goals and objectives
2.3 Document roles and responsibilities

Phase 3
3.1 Prepare business case template for presentation and approval
3.2 Validate post-approval steps and establish timelines

The Accessibility Business Case for IT

This phase will walk you through the following activities:

  • Identifying and understanding accessibility and compliance requirements and the ramifications of noncompliance.
  • Defining accessibility, disability, and disability inclusion and building awareness of these with senior leaders.
  • Completing the Accessibility Maturity Assessment to help you understand your current state.

Step 1.1

Understand standards and legislation

Activities

1.1.1 Make a list of the legislation you need to comply with

1.1.2 Seek legal and/or professional services’ input on compliance

1.1.3 Detail the risks of inaction for your organization

Understand Your Current State

Outcomes of this step
You will gain foundational understanding of the breadth of the regulation requirements for your organization. You will have reviewed and understand what is applicable to your organization.

The regulatory landscape is evolving

Canada

  • Canadian Human Rights Act
  • Policy on Communications and Federal Identity
  • Canadian Charter of Rights and Freedoms
  • Accessibility for Ontarians with Disabilities Act
  • Accessible Canada Act of 2019 (ACA)

Europe

  • UK Equality Act 2010
  • EU Web and Mobile Accessibility Directive (2016)
  • EN 301 549 European Standard – Accessibility requirements for public procurement of ICT products and services

United States

  • Section 508 of the US Rehabilitation Act of 1973
  • Americans with Disabilities Act of 1990 (ADA)
  • Section 255 of the Telecommunications Act of 1996
  • Air Carrier Access Act of 1986
  • 21st Century Communications and Video Accessibility Act of 2010 (CVAA)

New Zealand

  • Human Rights Act 1993
  • Online Practice Guidelines for Government

Australia

  • Disability Discrimination Act 1992 (DDA)

Regulatory systems are moving toward an international standard.

1.1.1 Make a list of the legislation you need to comply with

  1. Download the Accessibility Business Case Template.
  2. Conduct research and investigate what legislation and standards are applicable to your organization.
  3. a) Start by looking at your local legislation.
    b) Then consider any other regions you conduct business in.
    c) Also account for the various industries you are in.
  4. While researching, build a list of legislation requirements. Document these in your Accessibility Business Case Template as part of the Project Context section.
Input Output
  • Research
  • Websites
  • Articles
  • List of legislation that applies to the organization related to accessibility
Materials Participants
  • Accessibility Business Case Template
  • Project leader/initiator

Download the Accessibility Business Case Template

1.1.2 Seek professional advice on compliance

  1. Have general counsel review your list of regulations and standards related to accessibility or seek legal and/or professional support to review your list.
  2. Review or research further the implications of any suggestions from legal counsel.
  3. Make any updates to the Legal Landscape slide in the Accessibility Business Case Template.
Input Output
  • Compiled list of applicable legislation and standards
  • Confirmed list of regulations that are applicable to your organization related to accessibility
Materials Participants
  • Accessibility Business Case Template
  • Project leader/initiator
  • General counsel/professional services

Download the Accessibility Business Case Template

Ramifications of noncompliance

Go beyond financial consequences

Beyond the costs resulting from a claim, noncompliance can damage your organization in several ways.

Financial Impact

ADA Warning Shot: A complaint often indicates pending legal action to come. Addressing issues on a reactive, ad hoc basis can be quite expensive. It can cost almost $10,000 to address a single complaint, and chances are if you have one complaint, you have many.

Lawsuit Costs: In the US, 265,000 demand letters were sent in 2020 under the ADA for inaccessible websites. On average, a demand letter could cost the company $25,000 (conservatively). These are low-end numbers; another estimate is that a small, quickly settled digital accessibility lawsuit could cost upwards of $350,000 for the defendant.

Non-Financial Impact

Reputational Impact: Claims brought upon a company can bring negative publicity with them. In contrast, having a clear commitment to accessibility demonstrates inclusion and can enhance brand image and reputation. Stakeholder expectations are changing, and consumers, investors, and employees alike want to support businesses with a purpose.

Technology Resource Strains: Costly workarounds and ad hoc accommodation processes take away from efficiency and effectiveness. Updates and redesigns for accessibility and best practices will reduce costs associated with maintenance and service, including overall stakeholder satisfaction improvements.

Access to Talent: 2022 saw a record high number of job openings, over 11.4 million in the US alone. Ongoing labor shortages require eliminating bias and keeping an open mind about who is qualified.

Source: May Hopewell

In the last four years, 83% of the retail 500 have been sued. Since 2018, 417 of the top 500 have received ADA-based digital lawsuits.

Source: UsableNet

1.1.3 Detail the risks of inaction for your organization

  1. Using the information that you’ve gathered through your research and legal/professional advice, detail the risks of inaction for your organization.
  2. a) Consider legal risks, consumer risks, brand risks, and employee risks. (Remember, risks aren’t just monetary.)
  3. Document the risks in your Accessibility Business Case Template.
InputOutput
  • List of applicable legislation and standards
  • Information about risks
  • Identified accessibility maturity level
MaterialsParticipants
  • Accessibility Business Case Template
  • Project leader/initiator

Download the Accessibility Business Case Template

Step 1.2

Build awareness of accessibility and disability inclusion

Activities

1.2.1 Identify gaps in understanding

1.2.2 Brainstorm how to reframe accessibility positively

Understand Your Current State

Outcomes of this step
You’ll have a better understanding of accessibility so that you can effectively implement and promote it.

Where to look for understanding

First-hand experience of how people with disabilities interact with your organization is often eye-opening. It will help you understand the benefits and value of accessibility.

Where to look for understanding

  • Talk with people you know with disabilities that are willing to share.*
  • Find role-specific training that’s appropriate.
  • Research. Articles and videos are easy to find.
  • Set up assistive technology trials.
  • Seek out first-hand experience from people with disabilities and how they work and use digital assets.

Source: WAI, 2016

* Remember, people with disabilities aren't obligated to discuss or explain their disabilities and may not be comfortable sharing. If you're asking for their time, be respectful, only ask if appropriate, and accept a "no" answer if the person doesn't wish to assist.

1.2.1 Identify gaps in understanding

Find out what accessibility is and why it is important. Learn the basics.

  1. Using the information that you’ve gathered through your research and legal counsel, conduct further research to understand the importance of accessibility.
  2. Answer these questions:
  3. a) What is accessibility? Why is it important?
    b) From the legislation and standards identified in step 1.1, what gaps exist?
    c) What is the definition of disability?
    d) How does your organization currently address accessibility?
    e) What are your risks?
    f) Do you have any current employees who have disabilities?
  4. Review the previous slide for suggestions on where to find more information to answer the above questions.
  5. Document any changes to the risks in your Accessibility Business Case Template.
InputOutput
  • Articles
  • Interviews
  • Websites
  • Greater understanding of the lived experience of people with disabilities
MaterialsParticipants
  • Articles
  • Websites
  • Accessibility Business Case Template
  • Project leader/initiator

Download the Accessibility Business Case Template

Reframe accessibility as a benefit, not a burden

A clear understanding of accessibility and the related standards and regulations can turn accessibility from something big and scary to an achievable part of the business.

The benefits of accessibility are:

Market Reach Minimized Legal Risks Innovation Retention
Over 1 billion people with a spending power of $6 trillion make up the global market of people with disabilities.1 Accessibility improves the experience for all users. In addition, many organizations require you to provide proof you meet accessibility standards during the RFP process. Accessibility regulations are changing, and claims are rising. Costs associated with legal proceedings can be more than just financial. Many countries have laws you need to follow. People with disabilities bring diversity of thought, have different lived experiences, and benefit inclusivity, which helps drive engagement. Plus accessibility features often solve unanticipated problems. Employing and supporting people with disabilities can reduce turnover and improve retention, reliability, company image, employee loyalty, ability awareness, and more.

Source 1: WAI, 2018

1.2.2 Brainstorm ways to reframe accessibility positively

  1. Using the information that you’ve gathered through your research, brainstorm additional positives of accessibility for your organization.
  2. Clearly identify the problem you want to solve (e.g., reframing accessibility positively in your organization).
  3. Collect any tools you want to use to during brainstorming (e.g., whiteboard, markers, sticky notes)
  4. Write down all the ideas that come to mind.
  5. Review all the points and group them into themes.
  6. Update the Accessibility Business Case Template with your findings.
InputOutput
  • Research you have gathered
  • List of ways to positively reframe accessibility for your organization
MaterialsParticipants
  • Sticky notes, whiteboard, pens, paper, markers.
  • Accessibility Business Case Template
  • Project leader/initiator

Download the Accessibility Business Case Template

Make it part of the conversation

A first step to disability and accessibility awareness is to talk about it. When it is talked about as freely as other things are in the workplace, this can create a more welcoming workplace.

Accessibility goes beyond physical access and includes technological access and support as well as our attitudes.

Accessibility is making sure everyone (disabled or abled) can access the workplace equally.

Adjustments in the workplace are necessary to create an accessible and welcoming environment. Understanding the three dimensions of accessibility in the workplace is a good place to start.

Source: May Hopewell

Three dimensions of accessibility in the workplace

Three dimensions of accessibility in the workplace

Case Study

INDUSTRY
Professional Services

SOURCE
Accenture

Accenture takes an inclusive approach to increase accessibility.

Accessibility is more than tools

Employee experience was the focus of embarking on the accessibility journey, ensuring inclusivity was built in and every employee was able to use the tools they needed and could achieve their goals.

"We are removing barriers in technology to make all of our employees, regardless of their ability, more productive.”
— Melissa Summers, Managing Director – Global IT, Corporate Technology, Accenture

Accessibility is inclusive

The journey began with formalizing a Global IT Accessibility practice and defining an accessibility program charter. This provided direction and underpinned the strategy used to create a virtual Accessibility Center of Excellence and map out a multiyear plan of initiatives.

The team then identified all the technologies they wanted to enhance by prioritizing ones that were high use and high impact. Involving disability champions gave insight into focus areas.

Accessibility is innovation

Working with partners like Microsoft and over 100 employees, Accenture continues toward the goal of 75% accessibility for all its global high-traffic internal platforms.

Achievements thus far include:

  • 100% of new Accenture video and broadcast content is automatically captioned.
  • Accenture received a perfect Disability Equality Index (US) score of 100 out of 100 for 2017, 2018, and 2019.

Step 1.3

Understand your current accessibility maturity level

Activities

1.3.1 Complete the Accessibility Maturity Assessment

Understand Your Current State

Outcomes of this step
Completed Accessibility Maturity Assessment to inform planning for and building your business case in Phases 2 and 3.

Know where you are to know where to go

Consider accessibility improvements from three interconnected aspects to determine current maturity level

Accessibility Maturity

People

  • Consider employee, customer, and user experience.

Process

  • Review processes to ensure accessibility is considered early.

Technology

  • Whether it’s new or existing, technology is an important tool to increase accessibility.

Accessibility maturity levels

INITIAL DEVELOPING DEFINED MANAGED OPTIMIZE
At this level, accessibility processes are mostly undocumented, if they exist. Accessibility is most likely happening on a reactive, ad hoc basis. No one understands who is responsible for accessibility or what their role is. At this stage the organization is driven by the need for compliance. At the developing level, the organization is taking steps to increase accessibility but still has a lot of opportunity for improvements. The organization is defining and refining processes and is working toward building a library of assistive tools. At this level, processes related to accessibility are repeatable. However, there’s a tendency to resort to old habits under stress. The organization has tools in place to facilitate accommodation requests and technology is compatible with assistive technologies. Accessibility initiatives are driven by the desire to make the user experience better. The managed level is defined by its effective accessibility controls, processes, and metrics. The organization can mostly anticipate preferences of customers, employees, and users. The roles and responsibilities are defined, and disability is included as part of the organization’s diversity, equity, and inclusion (DEI) initiatives. This level is not the goal for all organizations. At this level there is a shift in the organization’s culture to a feeling of belonging. The organization also demonstrates ongoing process improvements. Everyone can experience a seamless interaction with the organization. The focus is on continuous improvement and using feedback to inform future initiatives.

Determine your level of maturity

Use Info-Tech’s Accessibility Maturity Assessment

  • On the accessibility questionnaire, tab 2, choose how much the statements apply to your organization. Answer the questions based on your knowledge of your current state organizationally.
  • Once you’ve answered all the questions, see the results on the tab 3, Accessibility Results. You can see your overall maturity level and the maturity level for each of six dimensions that are necessary to increase the success of an accessibility program.
  • Click through to tab 4, Recommendations, to see specific recommendations based on your results and proven research to progress through the maturity levels. Keep in mind that not all organizations will or should aspire to the “Optimize” maturity level.

1.3.1 Complete the Accessibility Maturity Assessment

  1. Download the Accessibility Maturity Assessment and save it with the date so that as you work on your accessibility program, you can reassess later and track your progress.
  2. Once you have saved the assessment, select the appropriate answer for each statement on tab 2, Accessibility Questions, based on your knowledge of the organization’s approach.
  3. After reviewing all the accessibility statements, see your maturity level results on tab 3, Accessibility Results. Then see tab 4, Recommendations, for suggestions based on your answers.
  4. Document your accessibility maturity results in your Accessibility Business Case Template.
Input Output
  • Assess your current state of accessibility by choosing all the statements that apply to your organization
  • Identified accessibility maturity level
Materials Participants
  • Accessibility Maturity Assessment
  • Accessibility Business Case Template
  • Project leader/sponsor
  • IT leadership team

Download the Accessibility Business Case Template

Phase 2

Plan for Senior Leader Buy-In

Phase 1
1.1 Understand standards and legislation
1.2 Build awareness
1.3 Understand maturity level

Phase 2
2.1 Define desired future state
2.2 Define goals and objectives
2.3 Document roles and responsibilities

Phase 3
3.1 Prepare business case template for presentation and approval
3.2 Validate post-approval steps and establish timelines

The Accessibility Business Case for IT

This phase will walk you through the following activities:

  • Defining your desired future state.
  • Determining your accessibility program goals and objectives.
  • Clarifying and documenting roles and responsibilities related to accessibility in IT.

This phase involves the following participants:

  • Project lead/sponsor
  • IT leadership team
  • Senior leaders/decision makers

Step 2.1

Define the desired future state of accessibility

Activities

2.1.1 Identify key stakeholders

2.1.2 Hold a key stakeholder focus group

2.1.3 Conduct a future-state analysis

Outcomes of this step
Following this step, you will have identified your aspirational maturity level and what your accessibility future state looks like for your organization.

Plan for Senior Leader Buy-In

Cheat sheet: Identify stakeholders

Ask stakeholders, “Who else should I be talking to?” to discover additional stakeholders and ensure you don’t miss anyone.

Identify stakeholders through the following questions:
  • Who in areas of influence will be adversely affected by potential environmental and social impacts of what you are doing?
  • At which stage will stakeholders be most affected (e.g. procurement, implementation, operations, decommissioning)?
  • Will other stakeholders emerge as the phases are started and completed?
  • Who is sponsoring the initiative?
  • Who benefits from the initiative?
  • Who is negatively impacted by the initiative?
  • Who can make approvals?
  • Who controls resources?
  • Who has specialist skills?
  • Who implements the changes?
  • Who are the owners, governors, customers, and suppliers of impacted capabilities or functions?
Take a 360-degree view of potential internal and external stakeholders who might be impacted by the initiative.
  • Executives
  • Peers
  • Direct reports
  • Partners
  • Customers
  • Subcontractors
  • Subcontractors
  • Contractors
  • Lobby groups
  • Regulatory agencies

Categorize your stakeholders with a stakeholder prioritization map

A stakeholder prioritization map helps teams categorize their stakeholders by their level of influence and ownership.

There are four areas in the map, and the stakeholders within each area should be treated differently.

Players – Players have a high interest in the initiative and the influence to effect change over the initiative. Their support is critical, and a lack of support can cause significant impediment to the objectives.

Mediators – Mediators have a low interest but significant influence over the initiative. They can help to provide balance and objective opinions to issues that arise.

Noisemakers – Noisemakers have low influence but high interest. They tend to be very vocal and engaged, either positively or negatively, but have little ability to enact their wishes.

Spectators – Generally, spectators are apathetic and have little influence over or interest in the initiative.

Stakeholder prioritization map

Define strategies for engaging stakeholders by type

Each group of stakeholders draws attention and resources away from critical tasks.

By properly identifying your stakeholder groups, you can develop corresponding actions to manage stakeholders in each group. This can dramatically reduce wasted effort trying to satisfy Spectators and Noisemakers while ensuring the needs of the Mediators and Players are met.

Type Quadrant Actions
Players High influence, high interest Actively Engage
Keep them engaged through continuous involvement. Maintain their interest by demonstrating their value to its success.
Mediators High influence, low interest Keep Satisfied
They can be the game changers in groups of stakeholders. Turn them into supporters by gaining their confidence and trust, and include them in important decision-making steps. In turn, they can help you influence other stakeholders.
Noisemakers Low influence, high interest Keep Informed
Try to increase their influence (or decrease it if they are detractors) by providing them with key information, supporting them in meetings, and using Mediators to help them.
Spectators Low influence, low interest Monitor
They are followers. Keep them in the loop by providing clarity on objectives and status updates.

2.1.1 Identify key stakeholders

Collect this information by:

  1. List direct stakeholders for your area. Include stakeholders across the organization (both IT and business units) and externally.
  2. Create a stakeholder map to capture your stakeholders’ interest in and influence on digital accessibility.
  3. Shortlist stakeholders to invite as focus group participants in activity 2.1.2.
    • Aim for a combination of Players, Mediators, and Noisemakers.
Input Output
  • List of stakeholders
  • Stakeholder requirements
  • A stakeholder map
  • List of stakeholders to include in the focus group in step 2.1.2
Materials Participants
  • Sticky notes, pens, whiteboard, markers (optional)
  • Project leader/sponsor

Hold a focus group to initiate planning

Involve key stakeholders to determine the organizational drivers of accessibility, identify target maturity and key performance indicators (KPIs), and ultimately build the project charter.

Building the project charter as a group will help you to clarify your key messages and secure buy-in from critical stakeholders up-front, which is key.

Executing the business case for accessibility requires significant involvement from your IT leadership team. The challenge is that accessibility can be overwhelming because of inherent bias. Members of your IT leadership team will also need to participate in knowledge transfer, so get them involved up-front. The focus group will help stakeholders feel more engaged in the project, which is pivotal for success.

You may feel like a full project charter isn’t necessary, and depending on your organizational size, it might not be. However, the exercise of building the charter is important regardless. No matter your current climate, some level of socializing the value of and plans for accessibility will be necessary.

Meeting Agenda

  1. Short introduction
    Led by: Project Sponsor
    • Why the initiative is being considered.
  2. Make the case for the project
    Led by: Project Manager
    • Current state: What does the initiative address?
    • Future state: What is our target state of maturity?
  3. Success criteria
    Led by: Project Manager
    • How will success be measured?
  4. Define the project team
    Led by: Project Manager
    • Description of planned approach.
    • Stakeholder assessment.
    • What is required of the sponsor and stakeholders?
  5. Determine next steps
    Led by: Project Manager

2.1.2 Hold a stakeholder focus group

Identify the pain points you want to resolve and some of the benefits that you’d like to see from a program. By doing so, you’ll get a holistic view of what you need to achieve and what your drivers are.

  1. Ask the working group participants (as a whole or in smaller groups) to discuss pain points created by inaccessibility.
    • Challenges related to stakeholders.
    • Challenges created by process issues.
    • Difficulties improving accessibility practices.
  2. Discuss opportunities to be gained from improving these practices.
  3. Have participants write these down on sticky notes and place them on a whiteboard or flip chart.
  4. Review all the points as a group. Group challenges and benefits into themes.
  5. Have the group prioritize the risks and benefits in terms of what the solution must have, should have, could have, and won’t have.
Input Output
  • Reasons for the project
  • Stakeholder requirements
  • Pain points and risks
  • A prioritized list of risks and benefits of the solution
Materials Participants
  • Agenda (see previous slide)
  • Sticky notes, pens, whiteboard, markers (optional)
  • IT leadership
  • Other key stakeholders

While defining future state, consider your drivers

The Info-Tech Accessibility Maturity Framework identifies three key strategic drivers: compliance, experience, and incorporation.

  • Over 30% of organizations are focused on compliance, according to a 2022 survey by Harvard Business Review and Slack’s Future Forum. The survey asked more than 10,000 workers in six countries about their organizations’ approach to DEI.2

Even though 90% of companies claim to prioritize diversity,1 over 30% are focused on compliance.2

1. Harvard Business Review, 2020
2. Harvard Business Review, 2022

31.6% of companies remain in the Compliant stage, where they are focused on DEI compliance and not on integrating DEI throughout the organization or on creating continual improvement.

Source: Harvard Business Review, 2022

Align the benefits of program drivers to organizational goals or outcomes

Although there will be various motivating factors, aligning the drivers of your accessibility program provides direction to the program. Connecting the advantages of program drivers to organizational goals builds the confidence of senior leaders and decision makers, increasing the continued commitment to invest in accessibility programming.

Drivers Compliance Experience Incorporation
Maturity level Initial Developing Defined Managed Optimized
Description Any accessibility initiative is to comply with the minimum legislated requirement. Desire to avoid/decrease legal risk. Accessibility initiatives are focused on improving the experience of everyone from the start. Most organizations will be experience driven. Desire to increase accessibility and engagement. Accessibility is a seamless part of the whole organization and initiatives are focused on impacting social issues.
Advantages Compliance is a good starting place for accessibility. It will reduce legal risk. Being people focused from the start of processes enables the organization to reduce tech debt, provide the best user experience, and realize other benefits of accessibility. There is a sense of belonging in the organization. The entire organization experiences the benefits of accessibility.
Disadvantages Accessibility is about more than just compliance. Being compliance driven won’t give you the full benefits of accessibility. This can mean a culture change for the organization, which can take a long time. IT is used to moving quickly – it might feel counterintuitive to slow down and take time. It takes much longer to reach the associated level of maturity. Not possible for all organizations.

Info-Tech Accessibility Maturity Framework

Info-Tech Accessibility Maturity Framework

After initially ensuring your organization is compliant with regulations and standards, you will progress to building disciplined process and consistent standardized processes. Eventually you will build the ability for predictable process, and lastly, you’ll optimize by continuously improving.

Depending on the level of maturity you are trying to achieve, it could take months or even years to implement. The important thing to understand, however, is that accessibility work is never done.

At all levels of the maturity framework, you must consider the interconnected aspects of people, process, and technology. However, as the organization progresses, the impact will shift from largely being focused on process and technology improvement to being focused on people.

Info-Tech Insight
IT typically works through maturity frameworks from the bottom to the top, progressing at each level until they reach the end. When it comes to digital accessibility initiatives, being especially thorough, thoughtful, and collaborative is critical to success. This will mean spending more time in the Developing, Defined, and Managed levels of maturity rather than trying to reach Optimized as quickly as you can. This may feel contrary to what IT historically considers as a successful implementation.

Accessibility maturity levels

Driver Description Benefits
Initial Compliance
  • Accessibility processes are mostly undocumented.
  • Accessibility happens mostly on a reactive or ad hoc basis.
  • No one is aware of who is responsible for accessibility or what role they play.
  • Heavily focused on complying with regulations and standards to decrease legal risk.
  • The organization is aware of the need for accessibility.
  • Legal risk is decreased.
Developing Experience
  • The organization is starting to take steps to increase accessibility beyond compliance.
  • Lots of opportunity for improvement.
  • Defining and refining processes.
  • Working toward building a library of assistive tools.
  • Awareness of the need for accessibility is growing.
  • Process review for accessibility increases process efficiency through avoiding rework.
Defined Experience
  • Accessibility processes are repeatable.
  • There is a tendency to resort to old habits under stress.
  • Tools are in place to facilitate accommodation.
  • Employees know accommodations are available to them.
  • Accessibility is becoming part of daily work.
Managed Experience
  • Defined by effective accessibility controls, processes, and metrics.
  • Mostly anticipating preferences.
  • Roles and responsibilities are defined.
  • Disability is included as part of DEI.
  • Employees understand their role in accessibility.
  • Engagement is positively impacted.
  • Attraction and retention are positively impacted.
Optimized Incorporation
  • Not the goal for every organization.
  • Characterized by a dramatic shift in organizational culture and a feeling of belonging.
  • Ongoing continuous improvement.
  • Seamless interactions with the organization for everyone.
  • Using feedback to inform future initiatives.
  • More likely to be innovative and inclusive, reach more people positively, and meet emerging global legal requirements.
  • Better equipped for success.

2.1.3 Conduct future-state analysis

Identify your target state of maturity

  1. Provide the group with your maturity assessment results to review as well as the slides on the maturity levels, framework, and drivers.
  2. Compare the benefits listed on the Accessibility maturity levels slide to those that you named in the previous exercise and determine which maturity level best describes your target state.
  3. Discuss as a group and agree on one desired maturity level to reach.
  4. Review the other levels of maturity and determine what is in and out of scope for the project (higher-level benefits would be considered out of scope).
  5. Document your target state of maturity in your Accessibility Business Case Template.
Input Output
  • Accessibility maturity levels chart on previous slide
  • Maturity level assessment results
  • Target maturity level documented
Materials Participants
  • Paper and pens
  • Handouts of maturity levels
  • Accessibility Business Case Template
  • IT leadership team

Download the Accessibility Business Case Template

Case Study

Accessibility as a differentiator

INDUSTRY
Financial

SOURCE
WAI-Engage

Accessibility inside and out

As a financial provider, Barclays embarked on the accessibility journey to engage customers and employees with the goal of equal access for all. One key statement that provided focus was “Essential for some, easier for all. ”

“It's about helping everyone to work, bank and live their lives regardless of their age, situation, abilities or circumstances.”

Embedding into experiences

“The Barclays Accessibility team [supports] digital teams to embed accessibility into our services and culture through effective governance, partnering, training and tools. Establishing an enterprise-wide accessibility strategy, standards and programmes coupled with senior sponsorship helps support our publicly stated ambition of becoming the most accessible and inclusive FTSE company.”

– Paul Smyth, Head of Digital Accessibility, Barclays

It’s a circle, not a roadmap

  • Barclays continues the journey through partnerships with disability charities and accessibility experts and through regularly engaging with customers and colleagues with disabilities directly.
  • More accessible, inclusive products and services engage and attract more people with disabilities. This translates to a more diverse workforce that identifies opportunities for innovation. This leads to being attractive to diverse talent, and the circle continues.
  • Barclays’ mobile banking app was first to be accredited by accessibility consultants AbilityNet.

Step 2.2

Define your accessibility program goals and objectives

Activities

2.2.1 Create a list of goals and objectives

2.2.2 Finalize key metrics

Plan for Senior Leader Buy-In

Outcomes of this step
You will have clear measurable goals and objectives to respond to identified accessibility issues and organizational goals.

What does a good goal look like?

Use the SMART framework to build effective goals.

S Specific: Is the goal clear, concrete, and well defined?
M Measurable: How will you know when the goal is met?
A Achievable: Is the goal possible to achieve in a reasonable time?
R Relevant: Does this goal align with your responsibilities and with departmental and organizational goals?
T Time-based: Have you specified a time frame in which you aim to achieve the goal?

SMART is a common framework for setting effective goals. Make sure your goals satisfy these criteria to ensure you can achieve real results.

2.2.1 Create a list of goals and objectives

Use the outcomes from activity 2.1.2.

  1. Using the prioritized list of what your solution must have, should have, could have, and won’t have from activity 2.1.2, develop goals.
  2. Remember to use the SMART goal framework to build out each goal (see the previous slide for more information on SMART goals).
  3. Ensure each goal supports departmental and organizational goals to ensure it is meaningful.
  4. Document your goals and objectives in your Accessibility Business Case Template.
InputOutput
  • Outcomes of activity 2.1.2
  • Organizational and departmental goals
  • Goals and objectives added to your Accessibility Business Case Template
MaterialsParticipants
  • Accessibility Business Case Template
  • IT leadership team

Download the Accessibility Business Case Template

2.2.1 Create a list of goals and objectives

Use the outcomes from activity 2.1.2.

  1. Using the prioritized list of what your solution must have, should have, could have, and won’t have from activity 2.1.2, develop goals.
  2. Remember to use the SMART goal framework to build out each goal (see the previous slide for more information on SMART goals).
  3. Ensure each goal supports departmental and organizational goals to ensure it is meaningful.
  4. Document your goals and objectives in your Accessibility Business Case Template.

Establish Baseline Metrics

Baseline metrics will be improved through:

  1. Progressing through the accessibility maturity model.
  2. Addressing accessibility earlier in processes to avoid tech debt and rework late in projects or releases.
  3. Making accessibility part of the procurement process as a scoring consideration and vendor choice.
  4. Ensuring compliance with regulations and standards.
Metric Current Goal
Overall end-customer satisfaction 90 120
Monies saved through cost optimization efforts
Employee engagement
Monies save through application rationalization and standardization

For more metrics ideas, see the Info-Tech IT Metrics Library.

2.2.2 Finalize key metrics

Finalize key metrics the organization will use to measure accessibility success

  1. Brainstorm how you would measure the success of each goal based on the benefits, challenges, and risks you previously identified.
  2. Write each of the metric ideas down and finalize three to five key metrics which you will track. The metrics you choose should relate to the key challenges or risks you have identified and match your desired maturity level and driver.
  3. Document your key metrics in the Accessibility Business Case Template.
InputOutput
  • Accessibility challenges and benefits
  • Goals from activity 2.2.1
  • Three to five key metrics to track
MaterialsParticipants
  • Accessibility Business Case Template
  • IT leadership team
  • Project lead/sponsor

Download the Accessibility Business Case Template

Step 2.3

Document accessibility program roles and responsibilities

Activities

2.3.1 Populate a RACI chart

Plan for Senior Leader Buy-In

Outcomes of this step
At the end of this step, you will have a completed RACI chart documenting the roles and responsibilities related to accessibility for your accessibility business case.

2.3.1 Populate a RACI

Populate a RACI chart to identify who should be responsible, accountable, consulted, and informed for each key activity.

Define who is responsible, accountable, consulted, and informed for the project team:

  1. Write out the list of all stakeholders along the top of a whiteboard. Write out the key project steps along the left-hand side.
  2. For each initiative, identify each team member’s role. Are they:
    Responsible: The one responsible for getting the job done.
    Accountable: Only one person can be accountable for each task.
    Consulted: Are involved by providing knowledge.
    Informed: Receive information about execution and quality.
  3. As you proceed, continue to add tasks and assign responsibility to the RACI chart in the appendix of the Accessibility Business Case Template.
InputOutput
  • Stakeholder list
  • Key project steps
  • Project RACI chart
MaterialsParticipants
  • Whiteboard
  • Accessibility Business Case Template
  • IT leadership team

Download the Accessibility Business Case Template

Phase 3

Prepare your business case and get approval

Phase 1
1.1 Understand standards and legislation
1.2 Build awareness
1.3 Understand maturity level

Phase 2
2.1 Define desired future state
2.2 Define goals and objectives
2.3 Document roles and responsibilities

Phase 3
3.1 Prepare business case template for presentation and approval
3.2 Validate post-approval steps and establish timelines

The Accessibility Business Case for IT

This phase will walk you through the following activities:

  • Compiling the work and learning you’ve done so far into a business case presentation.

This phase involves the following participants:

  • Project lead/sponsor
  • Senior leaders/approval authority

There is a business case for accessibility

  • When planning for initiatives, a business case is a necessary tool. Although it can feel like an administrative exercise, it helps create a compelling argument to senior leaders about the benefits and necessity of building an accessibility program.
  • No matter the industry, you need to justify how the budget and effort you require for the initiative support organizational goals. However, senior leaders of different industries might be motivated by different reasons. For example, government is strongly motivated by legal and equity aspects, commercial companies may be attracted to the increase in innovation or market reach, and educational and nonprofit companies are likely motivated by brand enhancement.
  • The organizational focus and goals will guide your business case for accessibility. Highlight the most relevant benefits to your operational landscape and the risk of inaction.

Source: WAI, 2018

“Many organizations are waking up to the fact that embracing accessibility leads to multiple benefits – reducing legal risks, strengthening brand presence, improving customer experience and colleague productivity.”
– Paul Smyth, Head of Digital Accessibility, Barclays
Source: WAI, 2018

Step 3.1

Customize and populate the Accessibility Business Case Template

Activities

3.1.1 Prepare your business case template for presentation and approval

Build Your Business Case

Outcomes of this step
Following this step, you will have a customized business case presentation that you can present to senior leaders.

Use Info-Tech’s template to communicate with stakeholders

Obtain approval for your accessibility program by customizing Info-Tech’s Accessibility Business Case Template, which is designed to effectively convey your key messages. Tailor the template to suit your needs.

It includes:

  • Project context
  • Project scope and objectives
  • Knowledge transfer roadmap
  • Next steps

Info-Tech Insight
The support of senior leaders is critical to the success of your accessibility program development. Remind them of the benefits and impact and the risks associated with inaction.

Download the Accessibility Business Case Template

3.1.1 Prepare a presentation for senior leaders to gain approval

Now that you understand your current and desired accessibility maturity, the next step is to get sign-off to begin planning your initiatives.

Know your audience:

  1. Consider who will be included in your presentation audience.
  2. You want your presentation to be succinct and hard-hitting. Management’s time is tight, and they will lose interest if you drag out the delivery. Impact them hard and fast with the challenges, benefits, and risks of inaction.
  3. Contain the presentation to no more than an hour. Depending on your audience, the actual presentation delivery could be quite short. You want to ensure adequate time for questions and answers.
  4. Schedule a meeting with the key decision makers who will need to approve the initiatives (IT leadership team, executive team, the board, etc.) and present your business case.
InputOutput
  • Activity results
  • Accessibility Maturity Assessment results
  • A completed presentation to communicate your accessibility business case
MaterialsParticipants
  • Accessibility Business Case Template
  • IT leadership team
  • Project sponsor
  • Project stakeholders
  • Senior leaders

Download the Accessibility Business Case Template

Step 3.2

Validate post-approval steps and establish timelines

Activities

3.2.1 Prepare for implementation: Complete the implementation prep to-do list and assign proposed timelines

Build Your Business Case

Outcomes of this step
This step will help you gain leadership’s approval to move forward with building and implementing the accessibility program.

Prepare to implement your program

Complete the to-do list to ensure you are ready to move your accessibility program forward.

To Do Proposed Timeline
Reach out to your change management team for assistance.
Discuss your plan with HR.
Build a project team.
Incorporate any necessary changes from senior leaders into your business case.
[insert your own addition here]
[insert your own addition here]
[insert your own addition here]
[insert your own addition here]

3.2.1 Prep for implementation (action planning)

Use the implementation prep to-do list to make sure you have gathered relevant information and completed critical steps to be ready for success.

Use the list on the previous slide to make sure you are set up for implementation success and that you’re ready to move your accessibility program forward.

  1. Assign proposed timelines to each of the items.
  2. Work through the list, collecting or completing each item.
  3. As you proceed, keep your identified drivers, current state, desired future state, goals, and objectives in mind.
Input Output
  • Accessibility Maturity Assessment
  • Business case presentation and any feedback from senior leaders
  • Goals, objectives, identified drivers, and desired future state
  • High-level action plan
Materials Participants
  • Previous slide containing the checklist
  • Project lead

Related Info-Tech Research

Implement and Mature Your User Experience Design Practice

  • Create a practice that is focused on human outcomes; it starts and ends with the people you are designing for. This includes:
    • Establishing a practice with a common vision.
    • Enhancing the practice through four design factors.
    • Communicating a roadmap to improve your business through design.

Modernize Your Corporate Website to Drive Business Value

  • Users are demanding more valuable web functionalities and improved access to your website services.
  • The criteria of user acceptance and satisfaction involves more than an aesthetically pleasing user interface (UI). It also includes how emotionally attached the user is to the website and how it accommodates user behaviors.

IT Diversity & Inclusion Tactics

  • Although inclusion is key to the success of a diversity and inclusion (D&I) strategy, the complexity of the concept makes it a daunting pursuit.
  • This is further complicated by the fact that creating inclusion is not a one-and-done exercise. Rather, it requires the ongoing commitment of employees and managers to reassess their own behaviors and to drive a cultural shift.

Fix Your IT Culture

  • Go beyond value statements to create a culture that enables the departmental strategy.
  • There is confusion about how to translate culture from an abstract concept to something that is measurable, actionable, and process driven.
  • Organizations lack clarity about who is accountable and responsible for culture, with groups often pointing fingers at each other.

Works cited

“2021 State of Digital Accessibility.” Level Access, n.d. Accessed 10 Aug. 2022

”2022 Midyear Report: ADA Digital Accessibility Lawsuits.” UsableNet, 2022. Accessed 9 Nov. 2022

“Barclay’s Bank Case Study.” WAI-Engage, 12 Sept. 2018. Accessed 7 Nov. 2022.

Bilodeau, Howard, et al. “StatCan COVID-19 Data to Insights for a Better Canada.” Statistics Canada, 24 June 2021. Accessed 10 Aug. 2022.

Casey, Caroline. “Do Your D&I Efforts Include People With Disabilities?” Harvard Business Review, 19 March 2020. Accessed 28 July 2022.

Digitalisation World. “Organisations failing to meet digital accessibility standards.” Angel Business Communications, 19 May 2022. Accessed Oct. 2022.

“disability.” Merriam-Webster.com Dictionary, Merriam-Webster, https://www.merriam-webster.com/dictionary/disability. Accessed 10 Aug. 2022.

“Disability.” World Health Organization, 2022. Accessed 10 Aug 2022.

“Driving the Accessibility Advantage at Accenture.” Accenture, 2022. Accessed 7 Oct. 2022.

eSSENTIAL Accessibility. The Must-Have WCAG 2.1 Checklist. 2022

Hopewell, May. Accessibility in the Workplace. 2022.

“Initiate.” W3C Web Accessibility Initiative (WAI), 31 March 2016. Accessed 18 Aug. 2022.

Kalcevich, Kate, and Mike Gifford. “How to Bake Layers of Accessibility Testing Into Your Process.” Smashing Magazine, 26 April 2021. Accessed 31 Aug. 2022.

Noone, Cat. “4 Common Ways Companies Alienate People with Disabilities.” Harvard Business Review, 29 Nov. 2021. Accessed Jul. 2022.

Taylor, Jason. “A Record-Breaking Year for ADA Digital Accessibility Lawsuits.” UsableNet, 21 December 2020. Accessed Jul. 2022.

“The Business Case for Digital Accessibility.” W3C Web Accessibility Initiative (WAI), 9 Nov. 2018. Accessed 4 Aug. 2022.

“The WebAIM Million.” Web AIM, 31 March 2022. Accessed 28 Jul. 2022.

Washington, Ella F. “The Five Stages of DEI Maturity.” Harvard Business Review, November - December 2022. Accessed 7 Nov. 2022.

Wyman, Nicholas. “An Untapped Talent Resource: People With Disabilities.” Forbes, 25 Feb. 2021. Accessed 14 Sep. 2022.

Don’t Allow Software Licensing to Derail Your M&A

  • Buy Link or Shortcode: {j2store}135|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Vendor Management
  • Parent Category Link: /vendor-management
  • Assuming that all parties are compliant in their licensing is a risky proposition. Most organizations are deficient in some manner of licensing. Know where those gaps are before finalizing M&A activity and have a plan in place to mitigate them right away.
  • Vendors will target companies that have undergone recent M&A activity with an audit. Vendors know that the many moving parts of M&A activity often result in license shortfall, and they may look to capitalize during the transition with audit revenue.
  • New organizational structure can offer new licensing opportunities. Take advantage of the increased volume discounting, negotiation leverage, and consolidation opportunities afforded by a merger or acquisition.

Our Advice

Critical Insight

  • To mitigate risks and create accurate cost estimates, create a contingency fund to compensate for unavailability of information.
  • Gathering and analyzing information is an iterative process that is ongoing throughout due diligence. Update your assumptions, risks, and budget as you obtain new information.
  • Communication with the M&A team and business process owners should be constant throughout due diligence. IT integration does not exist in isolation.

Impact and Result

  • CIOs must be part of the conversation during the exploration/due diligence phase before the deal is closed to examine licensing compliance and software costs that could have a direct result on the valuation of the new organization.
  • Both organizations must conduct thorough due diligence (such as internal SAM audits), analyze the information, and define critical assumptions to create a strategy for the resultant IT enterprise.
  • The IT team is involved in integration, synergy realization, and cost considerations that the business often does not consider or take into account with respect to IT. License transfer, assignability, use, and geographic rights all come into play and can be overlooked.

Don’t Allow Software Licensing to Derail Your M&A Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you shouldn’t allow software licensing to derail your M&A deal, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Understand the M&A process with respect to software licensing

Grasp the key pain points of software licensing and the effects it has on an M&A. Review the benefits of early IT involvement and identify IT’s capabilities.

  • Don’t Allow Software Licensing to Derail Your M&A – Phase 1: M&A Overview
  • M&A Software Asset Maturity Assessment

2. Perform due diligence

Understand the various steps and process when conducting due diligence. Request information and assess risks, make assumptions, and budget costs.

  • Don’t Allow Software Licensing to Derail Your M&A – Phase 2: Due Diligence
  • License Inventory
  • IT Due Diligence Report
  • M&A Software Asset RACI Template

3. Prepare for integration

Take a deeper dive into the application portfolios and vendor contracts of both organizations. Review integration strategies and design the end-state of the resultant organization.

  • Don’t Allow Software Licensing to Derail Your M&A – Phase 3: Pre-Integration Planning
  • Effective Licensing Position Tool
  • IT Integration Roadmap Tool

4. Execute on the integration plan

Review initiatives being undertaken to ensure successful integration execution. Discuss long-term goals and how to communicate with vendors to avoid licensing audits.

  • Don’t Allow Software Licensing to Derail Your M&A – Phase 4: Integration Execution
[infographic]

Workshop: Don’t Allow Software Licensing to Derail Your M&A

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 M&A Overview

The Purpose

Identify the goals and objectives the business has for the M&A.

Understand cultural and organizational structure challenges and red flags.

Identify SAM/licensing challenges and red flags.

Conduct maturity assessment.

Clarify stakeholder responsibilities.

Build and structure the M&A team.

Key Benefits Achieved

The capabilities required to successfully examine software assets and licensing during the M&A transaction.

M&A business goals and objectives identified.

IT M&A team selected.

Severity of SAM challenges and red flags examined.

Activities

1.1 Document pain points from previous experience.

1.2 Identify IT opportunities during M&A.

Outputs

M&A Software Asset Maturity Assessment

2 Due Diligence

The Purpose

Take a structured due diligence approach that properly evaluates the current state of the organization.

Review M&A license inventory and use top five vendors as example sets.

Identify data capture and reporting methods/tools.

Scheduling challenges.

Scope level of effort and priority list.

Common M&A pressures (internal/external).

Key Benefits Achieved

A clear understanding of the steps that are involved in the due diligence process.

Recognition of the various areas from which information will need to be collected.

Licensing pitfalls and compliance risks to be examined.

Knowledge of terms and conditions that will limit ability in pre-integration planning.

Activities

2.1 Identify IT capabilities for an M&A.

2.2 Create your due diligence team and assign accountability.

2.3 Use Info-Tech’s IT Due Diligence Report Template to track key elements.

2.4 Document assumptions to back up cost estimates and risk.

Outputs

M&A Software Asset RACI Template

IT Due Diligence Report

3 Pre-Integration Planning

The Purpose

Review and map legal operating entity structure for the resultant organization.

Examine impact on licensing scenarios for top five vendors.

Identify alternative paths and solutions.

Complete license impact for top five vendors.

Brainstorm action plan to mitigate negative impacts.

Discuss and explore the scalable process for second level agreements.

Key Benefits Achieved

Identification of the ideal post-M&A application portfolio and licensing structures.

Recognition of the key considerations when determining the appropriate combination of IT integration strategies.

Design of vendor contracts for the resultant enterprise.

Recognition of how to create an IT integration budget.

Activities

3.1 Work with the senior management team to review how the new organization will operate.

3.2 Document the strategic goals and objectives of IT’s integration program.

3.3 Interview business leaders to understand how they envision their business units.

3.4 Perform internal SAM audit.

3.5 Create a library of all IT processes in the target organization as well as your own.

3.6 Examine staff using two dimensions: competency and capacity.

3.7 Design the end-state.

3.8 Communicate your detailed pre-integration roadmap with senior leadership and obtain sign-off.

Outputs

IT Integration Roadmap Tool

Effective License Position

4 Manage Post-M&A Activities

The Purpose

Finalize path forward for top five vendors based on M&A license impact.

Disclose findings and financial impact estimate to management.

Determine methods for second level agreements to be managed.

Provide listing of specific recommendations for top five list.

Key Benefits Achieved

Initiatives generated and executed upon to achieve the technology end-state of each IT domain.

Vendor audits avoided.

Contracts amended and vendors spoken to.

Communication with management on achievable synergies and quick wins.

Activities

4.1 Identify initiatives necessary to realize the application end-state.

4.2 Identify initiatives necessary to realize the end-state of IT processes.

4.3 Identify initiatives necessary to realize the end-state of IT staffing.

4.4 Prioritize initiatives based on ease of implementation and overall business impact.

4.5 Manage vendor relations.

Outputs

IT Integration Roadmap Tool

Marketing Management Suite Software Selection Guide

  • Buy Link or Shortcode: {j2store}552|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Marketing Solutions
  • Parent Category Link: /marketing-solutions
  • Selecting and implementing the right MMS platform – one that aligns with your requirements is a significant undertaking.
  • Despite the importance of selecting and implementing the right MMS platform, many organizations struggle to define an approach to picking the most appropriate vendor and rolling out the solution in an effective and cost-efficient manner.
  • IT often finds itself in the unenviable position of taking the fall for an MMS platform that doesn’t deliver on the promise of the MMS strategy.

Our Advice

Critical Insight

  • MMS platform selection must be driven by your overall customer experience management strategy. Link your MMS selection to your organization’s CXM framework.
  • Determine what exactly you require from your MMS platform; leverage use cases to help guide selection.
  • Ensure strong points of integration between your MMS and other software such as CRM and POS. Your MMS solution should not live in isolation; it must be part of a wider ecosystem.

Impact and Result

  • An MMS platform that effectively meets business needs and delivers value.
  • Reduced costs during MMS vendor platform selection and faster time to results after implementation.

Marketing Management Suite Software Selection Guide Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Marketing Management Suite Software Selection Guide – A deck that walks you through the process of building your business case and selecting the proper MMS platform.

This blueprint will help you build a business case for selecting the right MMS platform, define key requirements, and conduct a thorough analysis and scan of the current state of the ever-evolving MMS market space.

  • Marketing Management Suite Software Selection Guide Storyboard
[infographic]

Further reading

Marketing Management Suite Software Selection Guide

Streamline your organizational approach to selecting a right-sized marketing management platform.

Analyst perspective

A robustly configured and comprehensive MMS platform is a crucial ingredient to help kick-start your organization's cross-channel and multichannel marketing management initiatives.

Modern marketing management suites (MMS) are imperative given today's complex, multitiered, and often non-standardized marketing processes. Relying on isolated methods such as lead generation or email marketing techniques for executing key cross-channel and multichannel marketing initiatives is not enough to handle the complexity of contemporary marketing management activities.

Organizations need to invest in highly customizable and functionally extensive MMS platforms to provide value alongside the marketing value chain and a 360-degree view of the consumer's marketing journey. IT needs to be rigorously involved with the sourcing and implementation of the new MMS tool, and the necessary business units also need to own the requirements and be involved from the initial stages of software selection.

To succeed with MMS implementation, consider drafting a detailed roadmap that outlines milestone activities for configuration, security, points of integration, and data migration capabilities and provides for ongoing application maintenance and support.

This is a picture of Yaz Palanichamy

Yaz Palanichamy
Senior Research Analyst, Customer Experience Strategy
Info-Tech Research Group

Executive summary

Your Challenge

  • Many organizations struggle with taking a systematic and structured approach to selecting a right-sized marketing management suite (MMS) – an indispensable part of managing an organization's specific and nuanced marketing management needs.
  • Organizations must define a clear-cut strategic approach to investing in a new MMS platform. Exercising the appropriate selection and implementation rigor for a right-sized MMS tool is a critical step in delivering concrete business value to sustain various marketing value chains across the organization.

Common Obstacles

  • An MMS vendor that is not well aligned to marketing requirements wastes resources and causes an endless cascade of end-user frustration.
  • The MMS market is rapidly evolving, making it difficult for vendors to retain a competitive foothold in the space.
  • IT managers and/or marketing professionals often find themselves in the unenviable position of taking the fall for MMS platforms that fail to deliver on the promise of the overarching marketing management strategy.

Info-Tech's Approach

  • MMS platform selection must be driven by your overall marketing management strategy. Email marketing techniques, social marketing, and/or lead management strategies are often not enough to satisfy the more sophisticated use cases demanded by increasingly complex customer segmentation levels.
  • For organizations with a large audience or varied product offerings, a well-integrated MMS platform enables the management of various complex campaigns across many channels, product lines, customer segments, and marketing groups throughout the enterprise.

Info-Tech Insight

IT must collaborate with marketing professionals and other key stakeholder groups to define a unified vision and holistic outlook for a right-sized MMS platform.

Info-Tech's methodology for selecting a right-sized marketing management suite platform

1. Understand Core MMS Features

2. Build the Business Case & Streamline Requirements

3. Discover the MMS Market Space & Prepare for Implementation

Phase Steps

  1. Define MMS Platforms
  2. Classify Table Stakes & Differentiating Capabilities
  3. Explore Trends
  1. Build the Business Case
  2. Streamline the Requirements Elicitation Process for a New MMS Platform
  3. Develop an Inclusive RFP Approach
  1. Discover Key Players in the Vendor Landscape
  2. Engage the Shortlist & Select Finalist
  3. Prepare for Implementation

Phase Outcomes

  1. Consensus on scope of MMS and key MMS platform capabilities
  1. MMS platform selection business case
  2. Top-level use cases and requirements
  3. Procurement vehicle best practices
  1. Market analysis of MMS platforms
  2. Overview of shortlisted vendors
  3. Implementation considerations

Guided Implementation

What does a typical GI on this topic look like?

Phase 1 Phase 2 Phase 3

Call #1: Understand what a marketing management suite is. Discuss core capabilities and key trends.

Call #2: Build the business case
to select a right-sized MMS.

Call #3: Define your core
MMS requirements.

Call #4: Build and sustain procurement vehicle best practices.

Call #5: Evaluate the MMS vendor landscape and short-list viable options.


Call #6: Review implementation considerations.

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

The MMS procurement process should be broken into segments:

  1. Create a vendor shortlist using this buyer's guide.
  2. Define a structured approach to selection.
  3. Review the contract.

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

“Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

Guided Implementation

“Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

Workshop

“We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

Consulting

“Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

Diagnostics and consistent frameworks used throughout all four options

EXECUTIVE BRIEF

What are marketing management suite platforms?

Our Definition: Marketing management suite (MMS) platforms are core enterprise applications that provide a unified set of marketing processes for a given organization and, typically, the capability to coordinate key cross-channel marketing initiatives.

Key product capabilities for sophisticated MMS platforms include but are not limited to:

  • Email marketing
  • Lead nurturing
  • Social media management
  • Content curation and distribution
  • Marketing reporting and analytics
  • Consistent brand messaging

Using a robust and comprehensive MMS platform equips marketers with the appropriate tools needed to make more informed decisions around campaign execution, resulting in better targeting, acquisition, and customer retention initiatives. Moreover, such tools can help bolster effective revenue generation and ensure more viable growth initiatives for future marketing growth enablement strategies.

Info-Tech Insight

Feature sets are rapidly evolving over time as MMS offerings continue to proliferate in this market space. Ensure that you focus on core components such as customer conversion rates and new lead captures through maintaining well- integrated multichannel campaigns.

Marketing Management Suite Software Selection Buyer's Guide

Info-Tech Insight

A right-sized MMS software selection and procurement decision should involve comprehensive requirements and needs analysis by not just Marketing but also other organizational units such as IT, in conjunction with input suppled from the internal vendor procurement team.

MMS Software Selection & Vendor Procurement Journey. The three main steps are: Envision the Art of the Possible; Elicit Granular Requirements; Contextualize the MMS Vendor Market Space

Phase 1

Understand Core MMS Features

Phase 1

Phase 2

Phase 3

1.1 Define MMS Platforms

1.2 Classify Table Stakes & Differentiating Capabilities

1.3 Explore Trends

2.1 Build the Business Case

2.2 Streamline Requirements Elicitation

2.3 Develop an Inclusive RFP Approach

3.1 Discover Key Players in the Vendor Landscape

3.2 Engage the Shortlist & Select Finalist

3.3 Prepare for Implementation

This phase will walk you through the following activities:

  • Level-set an understanding of MMS technology.
  • Define which MMS features are table stakes (standard) and which are key differentiating functionalities.
  • Identify the art of the possible in a modern MMS platform from sales, marketing, and service lenses.

This phase involves the following participants:

  • CMO
  • Digital Marketing Project Manager
  • Marketing Data Analytics Analyst
  • Marketing Management Executive

What are marketing management suite platforms?

Our Definition: Marketing management suite (MMS) platforms are core enterprise applications that provide a unified set of marketing processes for a given organization and, typically, the capability to coordinate key cross-channel marketing initiatives.

Key product capabilities for sophisticated MMS platforms include but are not limited to:

  • Email marketing
  • Lead nurturing
  • Social media management
  • Content curation and distribution
  • Marketing reporting and analytics
  • Consistent brand messaging

Using a robust and comprehensive MMS platform equips marketers with the appropriate tools needed to make more informed decisions around campaign execution, resulting in better targeting, acquisition, and customer retention initiatives. Moreover, such tools can help bolster effective revenue generation and ensure more viable growth initiatives for future marketing growth enablement strategies.

Info-Tech Insight

Feature sets are rapidly evolving over time as MMS offerings continue to proliferate in this market space. Ensure that you focus on core components such as customer conversion rates and new lead captures through maintaining well- integrated multichannel campaigns.

Marketing through the ages

Tracing the foundational origins of marketing management practices

Initial traction for marketing management strategies began with the need to holistically understand the effects of advertising efforts and how the media mix could be best optimized.

1902

1920s-1930s

1942

1952-1964

1970s-1990s

Recognizing the increasing need for focused and professional marketing efforts, the University of Pennsylvania offers the first marketing course, dubbed "The Marketing of Products."

As broadcast media began to peak, marketers needed to manage a greater number of complex and interspersed marketing channels.

The introduction of television ads in 1942 offered new opportunities for brands to reach consumers across a growing media landscape. To generate the highest ROI, marketers sought to understand the consumer and focus on more tailored messaging and product personalization. Thus, modern marketing practices were born.

Following the introduction of broadcast media, marketers had to develop strategies beyond traditional spray-and-pray methods. The first modern marketing measurement concept, "marketing mix," was conceptualized in 1952 and popularized in 1964 by Neil Borden.

This period marked the digital revolution and the new era of marketing. With the advent of new communications technology and the modern internet, marketing management strategies reached new heights of sophistication. During the early 1990s, search engines emerged to help users navigate the web, leading to early forms of search engine optimization and advertising.

Where it's going: the future state of marketing management

  1. Increasing Complexity Driving Consumer Purchasing Decisions
    • "The main complexity is dealing with the increasing product variety and changing consumer demands, which is forcing marketers to abandon undifferentiated marketing strategies and even niche marketing strategies and to adopt a mass customization process interacting one-to-one with their customers." – Complexity, 2019
  2. Consumers Seeking More Tailored Brand Personalization
    • Financial Services marketers lead all other industries in AI application adoption, with 37% currently using them (Salesforce, 2019).
  3. The Inclusion of More AI-Enabled Marketing Strategies
    • According to a 2022 Nostro report, 70% of consumers say it is important that brands continue to offer personalized consumer experiences.
  4. Green Marketing
    • Recent studies have shown that up to 80% of all consumers are interested in green marketing strategies (Marketing Schools, 2020).

Marketing management by the numbers

Key trends

6%

As a continuously growing discipline, marketing management roles are predicted to grow faster than average, at a rate of 6% over the next decade.

Source: U.S. Bureau of Labor Statistics, 2021

17%

While many marketing management vendors offer A/B testing, only 17% of marketers are actively using A/B testing on landing pages to increase conversion rates.

Source: Oracle, 2022

70%

It is imperative that technology and SaaS companies begin to use marketing automation as a core component of their martech strategy to remain competitive. About 70% of technology and SaaS companies are employing integrated martech tools.

Source: American Marketing Association, 2021

Understand MMS table stakes features

Organizations can expect nearly all MMS vendors to provide the following functionality

Email Marketing

Lead Nurturing

Reporting, Analytics, and Marketing KPIs

Marketing Campaign Management

Integrational Catalog

The use of email alongside marketing efforts to promote a business' products and services. Email marketing can be a powerful tool to maintain connections with your audience and ensure sustained brand promotion.

The process of developing and nurturing relationships with key customer contacts at every major touchpoint in their customer journey. MMS platforms can use automated lead-nurturing functions that are triggered by customer behavior.

The use of well-defined metrics to help curate, gather, and analyze marketing data to help track performance and improve the marketing department's future marketing decisions and strategies.

Tools needed for the planning, execution, tracking, and analysis of direct marketing campaigns. Such tools are needed to help gauge your buyers' sentiments toward your company's product offerings and services.

MMS platforms should generally have a comprehensive open API/integration catalog. Most MMS platforms should have dedicated integration points to interface with various tools across the marketing landscape (e.g. social media, email, SEO, CRM, CMS tools, etc.).

Identify differentiating MMS features

While not always deemed must-have functionality, these features may be the deciding factor when choosing between two MMS-focused vendors.

Digital Asset Management (DAM)

A DAM can help manage digital media asset files (e.g. photos, audio files, video).

Customer Data Management

Customer data management modules help your organization track essential customer information to maximize your marketing results.

Text-Based Marketing

Text-based marketing strategy is ideal for any organization primarily focused on coordinating structured and efficient marketing campaigns.

Customer
Journey Orchestration

Customer journey orchestration enables users to orchestrate customer conversations and journeys across the entire marketing value chain.

AI-Driven Workflows

AI-powered workflows can help eliminate complexities and allow marketers to automate and optimize tasks across the marketing spectrum.

Dynamic Segmentation

Dynamic segmentation to target audience cohorts based on recent actions and stated preferences.

Advanced Email Marketing

These include capabilities such as A/B testing, spam filter testing, and detailed performance reporting.

Ensure you understand the art of the possible across the MMS landscape

Understanding the trending feature sets that encompass the broader MMS vendor landscape will best equip your organization with the knowledge needed to effectively match today's MMS platforms with your organization's marketing requirements.

Holistically examine the potential of any MMS solution through three main lenses:

Data-Driven
Digital Advertising

Adapt innovative techniques such as conversational marketing to help collect, analyze, and synthesize crucial audience information to improve the customer marketing experience and pre-screen prospects in a more conscientious manner.

Next Best Action Marketing

Next best action marketing (NBAM) is a customer-centric paradigm/marketing technique designed to capture specific information about customers and their individual preferences. Predicting customers' future actions by understanding their intent during their purchasing decisions stage will help improve conversion rates.

AI-Driven Customer
Segmentation

The use of inclusive and innovative AI-based forecast modeling techniques can help more accurately analyze customer data to create more targeted segments. As such, marketing messages will be more accurately tailored to the customer that is reading them.

Art of the possible: data-driven digital advertising

CONVERSATIONAL MARKETING INTELLIGENCE

Are you curious about the measures needed to boost engagement among your client base and other primary target audience groups? Conversational marketing intelligence metrics can help collect and disseminate key descriptive data points across a broader range of audience information.

AI-DRIVEN CONVERSATIONAL MARKETING DEVICES

Certain social media channels (e.g. LinkedIn and Facebook) like to take advantage of click-to-Messenger-style applications to help drive meaningful conversations with customers and learn more about their buying preferences. In addition, AI-driven chatbot applications can help the organization glean important information about the customer's persona by asking probing questions about their marketing purchase behaviors and preferences.

METAVERSE- DRIVEN BRANDING AND ADVERTISING

One of the newest phenomena in data-driven marketing technology and digital advertising techniques is the metaverse, where users can represent themselves and their brand via virtual avatars to further gamify their marketing strategies. Moreover, brands can create immersive experiences and engage with influencers and established communities and collect a wealth of information about their audience that can help drive customer retention and loyalty.

Case study

This is the logos for Gucci and Roblox.

Metaverse marketing extends the potential for commercial brand development and representation: a deep dive into Gucci's metaverse practice

INDUSTRY: Luxury Goods Apparel
SOURCE: Vogue Business

Challenge

Beginning with a small, family-owned leather shop known as House of Gucci in Florence, Italy, businessman and fashion designer Guccio Gucci sold saddles, leather bags, and other accessories to horsemen during the 1920s. Over the years, Gucci's offerings have grown to include various other personal luxury goods.

As consumer preferences have evolved over time, particularly with the younger generation, Gucci's professional marketing teams looked to invest in virtual technology environments to help build and sustain better brand awareness among younger consumer audiences.

Solution

In response to the increasing presence of metaverse-savvy gamers on the internet, Gucci began investing in developing its online metaverse presence to bolster its commercial marketing brand there.

A recent collaboration with Roblox, an online gaming platform that offers virtual experiences, provided Gucci the means to showcase its fashion items using the Gucci Garden – a virtual art installation project for Generation Z consumers, powered by Roblox's VR technology. The Gucci Garden virtual system featured a French-styled garden environment where players could try on and buy Gucci virtual fashion items to dress up their blank avatars.

Results

Gucci's disruptive, innovative metaverse marketing campaign project with Roblox is proof of its commitment to tapping new marketing growth channels to showcase the brand to engage new and prospective consumers (e.g. Roblox's player base) across more unique sandboxed/simulation environments.

The freedom and flexibility in the metaverse environments allows brands such as Gucci to execute a more flexible digital marketing approach and enables them to take advantage of innovative metaverse-driven technologies in the market to further drive their data-driven digital marketing campaigns.

Art of the possible: next best action marketing (NBAM)

NEXT BEST ACTION PREDICTIVE MODELING

To improve conversion propensity, next best action techniques can use predictive modeling methods to help build a dynamic overview of the customer journey. With information sourced from actionable marketing intelligence data, MMS platforms can use NBAM techniques to identify customer needs based on their buying behavior, social media interactions, and other insights to determine what unique set of actions should be taken for each customer.

MACHINE LEARNING–BASED RECOMMENDER SYSTEMS

Rules-based recommender systems can help assign probabilities of purchasing behaviors based on the patterns in touchpoints of a customer's journey and interaction with your brand. For instance, a large grocery chain company such as Walmart or Whole Foods will use ML-based recommender systems to decide what coupons they should offer to their customers based on their purchasing history.

Art of the possible: AI-driven customer segmentation

MACHINE/DEEP LEARNING (ML/DL) ALGORITHMS

The inclusion of AI in data analytics helps make customer targeting more accurate
and meaningful. Organizations can analyze customer data more thoroughly and generate in-depth contextual and descriptive information about the targeted segments. In addition, they can use this information to automate the personalization of marketing campaigns for a specific target audience group.

UNDERSTANDING CUSTOMER SENTIMENTS

To greatly benefit from AI-powered customer segmentation, organizations must deploy specialized custom AI solutions to help organize qualitative comments into quantitative data. This approach requires companies to use custom AI models and tools that will analyze customer sentiments and experiences based on data extracted from various touchpoints (e.g. CRM systems, emails, chatbot logs).

Phase 2

Build the Business Case and Streamline Requirements

Phase 1

Phase 2

Phase 3

1.1 Define MMS Platforms

1.2 Classify Table Stakes & Differentiating Capabilities

1.3 Explore Trends

2.1 Build the Business Case

2.2 Streamline Requirements Elicitation

2.3 Develop an Inclusive RFP Approach

3.1 Discover Key Players in the Vendor Landscape

3.2 Engage the Shortlist & Select Finalist

3.3 Prepare for Implementation

This phase will walk you through the following activities:

  • Define and build the business case for the selection of a right-sized MMS platform.
  • Elicit and prioritize granular requirements for your MMS platform.

This phase involves the following participants:

  • CMO
  • Technical Marketing Analyst
  • Digital Marketing Project Manager
  • Marketing Data Analytics Analyst
  • Marketing Management Executive

Software Selection Engagement

5 Advisory Calls over a 5-Week Period to Accelerate Your Selection Process

Expert analyst guidance over 5 weeks on average to select software and negotiate with the vendor.

Save money, align stakeholders, speed up the process and make better decisions.

Use a repeatable, formal methodology to improve your application selection process.

Better, faster results, guaranteed, included in your membership.

This is an image of the plan for five advisory calls over a five-week period.

CLICK HERE to book your Selection Engagement

Elicit and prioritize granular requirements for your marketing management suite (MMS) platform

Understanding business needs through requirements gathering is the key to defining everything you need from your software. However, it is an area where people often make critical mistakes.

Poorly scoped requirements

Best practices

  • Fail to be comprehensive and miss certain areas of scope.
  • Focus on how the solution should work instead of what it must accomplish.
  • Have multiple levels of detail within the requirements, causing inconsistency and confusion.
  • Drill all the way down to system-level detail.
  • Add unnecessary constraints based on what is done today rather than focusing on what is needed for tomorrow.
  • Omit constraints or preferences that buyers think are obvious.
  • Get a clear understanding of what the system needs to do and what it is expected to produce.
  • Test against the principle of MECE – requirements should be "mutually exclusive and collectively exhaustive."
  • Explicitly state the obvious and assume nothing.
  • Investigate what is sold on the market and how it is sold. Use language that is consistent with that of the market and focus on key differentiators – not table stakes.
  • Contain the appropriate level of detail – the level should be suitable for procurement and sufficient for differentiating vendors.

Info-Tech Insight
Poor requirements are the number one reason projects fail. Review Info-Tech's Improve Requirements Gathering blueprint to learn how to improve your requirements analysis and get results that truly satisfy stakeholder needs.

Info-Tech's approach

Develop an inclusive and thorough approach to the RFP process

Identity Need; Define Business requirements; Gain Business Authorization; Perform RFI/RFP; Negotiate Agreement; Purchase Goods and Services; Assess and Measure Performance.

Info-Tech Insight

Review Info-Tech's process and understand how you can prevent your organization from leaking negotiation leverage while preventing vendors from taking control of your RFP.

The Info-Tech difference:

  1. The secret to managing an RFP is to make it as manageable and as thorough as possible. The RFP process should be like any other aspect of business – by developing a standard process. With a process in place, you are better able to handle whatever comes your way, because you know the steps you need to follow to produce a top-notch RFP.
  2. The business then identifies the need for more information about a product/service or determines that a purchase is required.
  3. A team of stakeholders from each area impacted gather all business, technical, legal, and risk requirements. What are the expectations of the vendor relationship post-RFP? How will the vendors be evaluated?
  4. Based on the predetermined requirements, either an RFI or an RFP is issued to vendors with a due date.

Leverage Info-Tech's Contract Review Service to level the playing field with your shortlisted vendors

You may be faced with multiple products, services, master service agreements, licensing models, service agreements, and more.
Use Info-Tech's Contract Review Service to gain insights on your agreements:

  1. Are all key terms included?
  2. Are they applicable to your business?
  3. Can you trust that results will be delivered?
  4. What questions should you be asking from an IT perspective?

Validate that a contract meets IT's and the business' needs by looking beyond the legal terminology. Use a practical set of questions, rules, and guidance to improve your value for dollar spent.

This is an image of three screenshots from Info-Tech's Contract Review Service.

CLICK to BOOK The Contract Review Service

CLICK to DOWNLOAD Master Contract Review and Negotiation for Software Agreements

Phase 3

Discover the MMS Market Space and Prepare for Implementation

Phase 1

Phase 2

Phase 3

1.1 Define MMS Platforms

1.2 Classify Table Stakes & Differentiating Capabilities

1.3 Explore Trends

2.1 Build the Business Case

2.2 Streamline Requirements Elicitation

2.3 Develop an Inclusive RFP Approach

3.1 Discover Key Players in the Vendor Landscape

3.2 Engage the Shortlist & Select Finalist

3.3 Prepare for Implementation

This phase will walk you through the following activities:

  • Dive into the key players of the MMS vendor landscape.
  • Understand best practices for building a vendor shortlist.
  • Understand key implementation considerations for MMS.

This phase involves the following participants:

  • CMO
  • Marketing Management Executive
  • Applications Manager
  • Digital Marketing Project Manager
  • Sales Executive
  • Vendor Outreach and Partnerships Manager

Review your use cases to start your shortlist

Your Info-Tech analysts can help you narrow down the list of vendors that will meet your requirements.

Next steps will include:

  1. Reviewing your requirements.
  2. Checking out SoftwareReviews.
  3. Shortlisting your vendors.
  4. Conducting demos and detailed proposal reviews.
  5. Selecting and contracting with a finalist!

Get to know the key players in the MMS landscape

The following slides provide a top-level overview of the popular players you will encounter in your MMS shortlisting process.

This is a series of images of the logos for the companies which will be discussed later in this blueprint.

Evaluate software category leaders through vendor rankings and awards

SoftwareReviews

This is an image of two screenshots from the Data Quadrant Report.

The Data Quadrant is a thorough evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.

Vendors are ranked by their Composite Score, based on individual feature evaluations, user satisfaction rankings, vendor capability comparisons, and likeliness to recommend the platform.

This is an image of two screenshots from the Emotional Footprint Report.

The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.

Vendors are ranked by their Customer Experience (CX) Score, which combines the overall Emotional Footprint rating with a measure of the value delivered by the solution.

Speak with category experts to dive deeper into the vendor landscape

SoftwareReviews

  • Fact-based reviews of business software from IT professionals.
  • Product and category reports with state-of-the-art data visualization.
  • Top-tier data quality backed by a rigorous quality assurance process.
  • User-experience insight that reveals the intangibles of working with a vendor.

CLICK HERE to ACCESS

Comprehensive software reviews
to make better IT decisions

We collect and analyze the most detailed reviews on enterprise software from real users to give you an unprecedented view into the product and vendor before you buy.

SoftwareReviews is powered by Info-Tech

Technology coverage is a priority for Info-Tech, and SoftwareReviews provides the most comprehensive unbiased data on today's technology. Combined with the insight of our expert analysts, our members receive unparalleled support in their buying journey.

SoftwareReviews' Enterprise MMS Rankings

Strengths:

  • Advanced Campaign Management
  • Email Marketing Automation
  • Multichannel Integration

Areas to Improve:

  • Mobile Marketing Management
  • Advanced Data Segmentation
  • Pricing Sensitivity and Implementation Support Model

This is an image of SoftwareReviews analysis for Adobe Experience Cloud.

history

This is the Logo for Adobe Experience Cloud

"Adobe Experience Cloud (AEC), formerly Adobe Marketing Cloud (AMC), provides a host of innovative multichannel analytics, social, advertising, media optimization, and content management products (just to name a few). The Adobe Marketing Cloud package allows users with valid subscriptions to download the entire collection and use it directly on their computer with open access to online updates. Organizations that have a deeply ingrained Adobe footprint and have already reaped the benefits of Adobe's existing portfolio of cloud services products (e.g. Adobe Creative Cloud) will find the AEC suite a functionally robust and scalable fit for their marketing management and marketing automation needs.

However, it is important to note that AEC's pricing model is expensive when compared to other competitors in the space (e.g. Sugar Market) and, therefore, is not as affordable for smaller or mid-sized organizations. Moreover, there is the expectation of a learning curve with the AEC platform. Newly onboarded users will need to spend some time learning how to navigate and work comfortably with AEC's marketing automaton modules. "
- Yaz Palanichamy
Senior Research Analyst, Info-Tech Research Group

Adobe Experience Cloud Platform pricing is opaque.
Request a demo.*

*Info-Tech recommends reaching out to the vendor's internal sales management team for explicit details on individual pricing plans for the Adobe Marketing Cloud suite.

2021

Adobe Experience Platform Launch is integrated into the Adobe Experience Platform as a suite of data collection technologies (Experience League, Adobe).

November 2020

Adobe announces that it will spend $1.5 billion to acquire Workfront, a provider of marketing collaboration software (TechTarget, 2020).

September 2018

Adobe acquires marketing automation software company Marketo (CNBC, 2018).

June 2018

Adobe buys e-commerce services provider Magento Commerce from private equity firm Permira for $1.68 billion (TechCrunch, 2018).

2011

Adobe acquires DemDex, Inc. with the intention of adding DemDex's audience-optimization software to the Adobe Online Marketing Suite (Adobe News, 2011).

2009

Adobe acquires online marketing and web analytics company Omniture for $1.8 billion and integrates its products into the Adobe Marketing Cloud (Zippia, 2022).

Adobe platform launches in December 1982.

SoftwareReviews' Enterprise MMS Rankings

Strengths:

  • Marketing Workflow Management
  • Advanced Data Segmentation
  • Marketing Operations Management

Areas to Improve:

  • Email Marketing Automation
  • Marketing Asset Management
  • Process of Creating and/or Managing Marketing Lists

This is an image of SoftwareReviews analysis for Dynamics 365

history

This is the logo for Dynamics 365

2021

Microsoft Dynamics 365 suite adds customer journey orchestration as a viable key feature (Tech Target, 2021)

2019

Microsoft begins adding to its Dynamics 365 suite in April 2019 with new functionalities such as virtual agents, fraud detection, new mixed reality (Microsoft Dynamics 365 Blog, 2019).

2017

Adobe and Microsoft expand key partnership between Adobe Experience Manager and Dynamics 365 integration (TechCrunch, 2017).

2016

Microsoft Dynamics CRM paid seats begin growing steadily at more than 2.5x year-over-year (TechCrunch, 2016).

2016

On-premises application, called Dynamics 365 Customer Engagement, contains the Dynamics 365 Marketing Management platform (Learn Microsoft, 2023).

Microsoft Dynamics 365 product suite is released on November 1, 2016.

"Microsoft Dynamics 365 for Marketing remains a viable option for organizations that require a range of innovative MMS tools that can provide a wealth of functional capabilities (e.g. AI-powered analytics to create targeted segments, A/B testing, personalizing engagement for each customer). Moreover, Microsoft Dynamics 365 for Marketing offers trial options to sandbox their platform for free for 30 days to help users familiarize themselves with the software before buying into the product suite.

However, ensure that you have the time to effectively train users on implementing the MS Dynamics 365 platform. The platform does not score high on customizability in SoftwareReviews reports. Developers have only a limited ability to modify the core UI, so organizations need to be fully equipped with the knowledge needed to successfully navigate MS-based applications to take full advantage of the platform. For organizations deep in the Microsoft stack, D365 Marketing is a compelling option."
Yaz Palanichamy
Senior Research Analyst, Info-Tech Research Group

Dynamics 365
Marketing

Dynamics 365
Marketing (Attachment)

  • Starts from $1,500 per tenant/month*
  • Includes 10,000 contacts, 100,000 interactions, and 1,000 SMS messages
  • For organizations without any other Dynamics 365 application
  • Starts from $750 per tenant/month*
  • Includes 10,000 contacts, 100,000 interactions, and 1,000 SMS messages
  • For organizations with a qualifying Dynamics 365 application

* Pricing correct as of October 2022. Listed in USD and absent discounts. See pricing on vendor's website for latest information.

SoftwareReviews' Enterprise MMS Rankings

Strengths:

  • Marketing Analytics
  • Marketing Workflow Management
  • Lead Nurturing

Areas to Improve:

  • Advanced Campaign Management
  • Email Marketing Automation
  • Marketing Segmentation

This is an image of SoftwareReviews analysis for HubSpot

history

This is an image of the Logo for HubSpot

2022

HubSpot Marketing Hub releases Campaigns 2.0 module for its Marketing Hub platform (HubSpot, 2022).

2018


HubSpot announces the launch of its Marketing Hub Starter platform, a new offering that aims to give growing teams the tools they need to start marketing right (HubSpot Company News, 2018).

2014

HubSpot celebrates its first initial public offering on the NYSE market (HubSpot Company News, 2014).

2013

HubSpot opens its first international office location in Dublin, Ireland
(HubSpot News, 2013).

2010

Brian Halligan and Dharmesh Shah write "Inbound Marketing," a seminal book that focuses on inbound marketing principles (HubSpot, n.d.).

HubSpot opens for business in Cambridge, MA, USA, in 2005.

"HubSpot's Marketing Hub software ranks consistently high in scores across SoftwareReviews reports and remains a strong choice for organizations that want to run successful inbound marketing campaigns that make customers interested and engaged with their business. HubSpot Marketing Hub employs comprehensive feature sets, including the option to streamline ad tracking and management, perform various audience segmentation techniques, and build personalized and automated marketing campaigns.

However, SoftwareReviews reports indicate end users are concerned that HubSpot Marketing Hub's platform may be slightly overpriced in recent years and not cost effective for smaller and mid-sized companies that are working with a limited budget. Moreover, when it comes to mobile user accessibility reports, HubSpot's Marketing Hub does not directly offer data usage reports in relation to how mobile users navigate various web pages on the customer's website."
Yaz Palanichamy
Senior Research Analyst, Info-Tech Research Group

HubSpot Marketing Hub (Starter Package)

HubSpot Marketing Hub (Professional Package)

HubSpot Marketing Hub (Enterprise Package)

  • Starts from $50/month*
  • Includes 1,000 marketing contacts
  • All non-marketing contacts are free, up to a limit of 15 million overall contacts (marketing contacts + non-marketing contracts)
  • Starts from $890/month*
  • Includes 2,000 marketing contacts
  • Onboarding is required for a one-time fee of $3,000
  • Starts from $3600/month*
  • Includes 10,000 marketing contacts
  • Onboarding is required for a one-time fee of $6,000

*Pricing correct as of October 2022. Listed in USD and absent discounts.
See pricing on vendor's website for latest information.

SoftwareReviews' Enterprise MMS Rankings

Strengths:

  • Email Marketing Automation
  • Customer Journey Mapping
  • Contacts Management

Areas to Improve:

  • Pricing Model Flexibility
  • Integrational API Support
  • Antiquated UI/CX Design Elements

This is an image of SoftwareReviews analysis for Maropost

history

This is an image of the Logo for MAROPOST Marketing Cloud

2022

Maropost acquires Retail Express, leading retail POS software in Australia for $55M (PRWire, 2022).

2018


Maropost develops innovative product feature updates to its marketing cloud platform (e.g. automated social campaign management, event segmentation for mobile apps) (Maropost, 2019).

2015

US-based communications organization Success selects Maropost Marketing Cloud for marketing automation use cases (Apps Run The World, 2015).

2017

Maropost is on track to become one of Toronto's fastest-growing companies, generating $30M in annual revenue (MarTech Series, 2017).

2015

Maropost is ranked as a "High Performer" in the Email Marketing category in a G2 Crowd Grid Report (VentureBeat, 2015).

Maropost is founded in 2011 as a customer-centric ESP platform.

Maropost Marketing Cloud – Essential

Maropost
Marketing Cloud –Professional

Maropost
Marketing Cloud –Enterprise

  • Starts from $279/month*
  • Includes baseline features such as email campaigns, A/B campaigns, transactional emails, etc.
  • Starts from $849/month*
  • Includes additional system functionalities of interest (e.g. mobile keywords, more journeys for marketing automation use cases)
  • Starts from $1,699/month*
  • Includes unlimited number of journeys
  • Upper limit for custom contact fields is increased by 100-150

*Pricing correct as of October 2022. Listed in USD and absent discounts.
See pricing on vendor's website for latest information.

SoftwareReviews' Enterprise MMS Rankings

Strengths:

  • Advanced Data Segmentation
  • Marketing Analytics
  • Multichannel Integration

Areas to Improve:

  • Marketing Operations
    Management
  • Marketing Asset Management
  • Community Marketing Management

This is an image of SoftwareReviews analysis for Oracle Marketing Cloud.

history

This is an image of the Logo for Oracle Marketing Cloud

2021

New advanced intelligence capabilities within Oracle Eloqua Marketing Automation help deliver more targeted and personalized messages (Oracle, Marketing Automation documentation).

2015


Oracle revamps its marketing cloud with new feature sets, including Oracle ID Graph for cross-platform identification of customers, AppCloud Connect, etc. (Forbes, 2015).

2014

Oracle announces the launch of the Oracle Marketing Cloud (TechCrunch, 2014).

2005

Oracle acquires PeopleSoft, a company that produces human resource management systems, in 2005 for $10.3B (The Economic Times, 2016).

1982

Oracle becomes the first company to sell relational database management software (RDBMS). In 1982 it has revenue of $2.5M (Encyclopedia.com).

Relational Software, Inc (RSI) – later renamed Oracle Corporation – is founded in 1977.

"Oracle Marketing Cloud offers a comprehensive interwoven and integrated marketing management solution that can help end users launch cross-channel marketing programs and unify all prospect and customer marketing signals within one singular view. Oracle Marketing Cloud ranks consistently high across our SoftwareReviews reports and sustains top scores in overall customer experience rankings at a factor of 9.0. The emotional sentiment of users interacting with Oracle Marketing Cloud is also highly favorable, with Oracle's Emotional Footprint score at +93.

Users should be aware that some of the reporting mechanisms and report-generation capabilities may not be as mature as those of some of its competitors in the MMS space (e.g. Salesforce, Adobe). Data exportability also presents a challenge in Oracle Marketing Cloud and requires a lot of internal tweaking between end users of the system to function properly. Finally, pricing sensitivity may be a concern for small and mid-sized organizations who may find Oracle's higher-tiered pricing plans to be out of reach. "
Yaz Palanichamy
Senior Research Analyst, Info-Tech Research Group

Oracle Marketing Cloud pricing is opaque.
Request a demo.*

*Info-Tech recommends reaching out to the vendor's internal sales management team for explicit details on individual pricing plans for the Adobe Marketing Cloud suite.

SoftwareReviews' Enterprise MMS Rankings

Strengths:

  • Marketing Analytics
  • Advanced Campaign Management
  • Email Marketing Automation
  • Social Media Marketing Management

Areas to Improve:

  • Community Marketing Management
  • Marketing Operations Management
  • Pricing Sensitivity and Vendor Support Model

This is an image of SoftwareReviews analysis for Salesforce

history

This is an image of the Logo for Salesforce Marketing Cloud

2022

Salesforce announces sustainability as a core company value (Forbes, 2022).

2012



Salesforce unveils Salesforce Marketing Cloud during Dreamforce 2012, with 90,000 registered attendees (Dice, 2012).

2009

Salesforce launches Service Cloud, bringing customer service and support automation features to the market (TechCrunch, 2009).

2003


The first Dreamforce event is held at the Westin St. Francis hotel in downtown San Francisco
(Salesforce, 2020).

2001


Salesforce delivers $22.4M in revenue for the fiscal year ending January 31, 2002 (Salesforce, 2020).

Salesforce is founded in 1999.

"Salesforce Marketing Cloud is a long-term juggernaut of the marketing management software space and is the subject of many Info-Tech member inquiries. It retains strong composite and customer experience (CX) scores in our SoftwareReviews reports. Some standout features of the platform include marketing analytics, advanced campaign management functionalities, email marketing automation, and customer journey management capabilities. In recent years Salesforce has made great strides in improving the overall user experience by investing in new product functionalities such as the Einstein What-If Analyzer, which helps test how your next email campaign will impact overall customer engagement, triggers personalized campaign messages based on an individual user's behavior, and uses powerful real-time segmentation and sophisticated AI to deliver contextually relevant experiences that inspire customers to act.

On the downside, we commonly see Salesforce's solutions as costlier than competitors' offerings, and its commercial/sales teams tend to be overly aggressive in marketing its solutions without a distinct link to overarching business requirements. "
Yaz Palanichamy
Senior Research Analyst, Info-Tech Research Group

Marketing Cloud Basics

Marketing Cloud Pro

Marketing Cloud Corporate

Marketing Cloud Enterprise

  • Starts at $400*
  • Per org/month
  • Personalized promotional email marketing
  • Starts at $1,250*
  • Per org/month
  • Personalized marketing automation with email solutions
  • Starts at $3,750*
  • Per org/month
  • Personalized cross-channel strategic marketing solutions

"Request a Quote"

*Pricing correct as of October 2022. Listed in USD and absent discounts. See pricing on vendor's website for latest information.

SoftwareReviews' Enterprise MMS Rankings

Strengths:

  • Email Marketing Automation
  • Marketing Workflow Management
  • Marketing Analytics

Areas to Improve:

  • Mobile Marketing Management
  • Marketing Operations Management
  • Advanced Data Segmentation

This is an image of SoftwareReviews analysis for SAP

history

This is an image of the Logo for SAP

2022

SAP announces the second cycle of the 2022 SAP Customer Engagement Initiative. (SAP Community Blog, 2022).

2020

SAP acquires Austrian cloud marketing company Emarsys (TechCrunch, 2020).

2015

SAP Digital for Customer Engagement launches in May 2015 (SAP News, 2015).

2009

SAP begins branching out into three markets of the future (mobile technology, database technology, and cloud). SAP acquires some of its competitors (e.g. Ariba, SuccessFactors, Business Objects) to quickly establish itself as a key player in those areas (SAP, n.d.).

1999

SAP responds to the internet and new economy by launching its mysap.com strategy (SAP, n.d.).

SAP is founded In 1972.

"Over the years, SAP has positioned itself as one of the usual suspects across the enterprise applications market. While SAP has a broad range of capabilities within the CRM and customer experience space, it consistently underperforms in many of our user-driven SoftwareReviews reports for MMS and adjacent areas, ranking lower in MMS product feature capabilities such as email marketing automation and advanced campaign management than other mainstream MMS vendors, including Salesforce Marketing Cloud and Adobe Experience Cloud. The SAP Customer Engagement Marketing platform seems decidedly a secondary focus for SAP, behind its more compelling presence across the enterprise resource planning space.

If you are approaching an MMS selection from a greenfield lens and with no legacy vendor baggage for SAP elsewhere, experience suggests that your needs will be better served by a vendor that places greater primacy on the MMS aspect of their portfolio."
Yaz Palanichamy
Senior Research Analyst, Info-Tech Research Group

SAP Customer Engagement Marketing pricing is opaque:
Request a demo.*

*Info-Tech recommends reaching out to the vendor's internal sales management team for explicit details on individual pricing plans for the Adobe Marketing Cloud suite.

SoftwareReviews' Enterprise MMS Rankings

Strengths:

  • Social Media Automation
  • Email Marketing Automation
  • Marketing Analytics

Areas to Improve:

  • Ease of Data Integration
  • Breadth of Features
  • Marketing Workflow Management

b

SoftwareReviews' Enterprise MMS Rankings

Strengths:

  • Campaign Management
  • Segmentation
  • Email Delivery

Areas to Improve:

  • Mobile Optimization
  • A/B Testing
  • Content Authoring

This is an image of SoftwareReviews analysis for ZOHO Campaigns.

history

This is an image of the Logo for ZOHO Campaigns

2021

Zoho announces CRM-Campaigns sync (Zoho Campaigns Community Learning, 2021).

2020

Zoho reaches more than 50M customers in January ( Zippia, n.d.).

2017

Zoho launches Zoho One, a comprehensive suite of 40+ applications (Zoho Blog, 2017).

2012

Zoho releases Zoho Campaigns (Business Wire, 2012).

2007

Zoho expands into the collaboration space with the release of Zoho Docs and Zoho Meetings (Zoho, n.d.).

2005

Zoho CRM is released (Zoho, n.d.).

Zoho platform is founded in 1996.

"Zoho maintains a long-running repertoire of end-to-end software solutions for business development purposes. In addition to its flagship CRM product, the company also offers Zoho Campaigns, which is an email marketing software platform that enables contextually driven marketing techniques via dynamic personalization, email interactivity, A/B testing, etc. For organizations that already maintain a deep imprint of Zoho solutions, Zoho Campaigns will be a natural extension to their immediate software environment.

Zoho Campaigns is a great ecosystem play in environments that have a material Zoho footprint. In the absence of an existing Zoho environment, it's prudent to consider other affordable products as well."
Yaz Palanichamy
Senior Research Analyst, Info-Tech Research Group

Free Version

Standard

Professional

  • Starts at $0*
  • Per user/month billed annually
  • Up to 2,000 contacts
  • 6,000 emails/month
  • Starts at $3.75*
  • Per user/month billed annually
  • Up to 100,000 contacts
  • Advanced email templates
  • SMS marketing
  • Starts at $6*
  • Per user/month billed annually
  • Advanced segmentation
  • Dynamic content

*Pricing correct as of October 2022. Listed in USD and absent discounts.

See pricing on vendor's website for latest information.

Leverage Info-Tech's research to plan and execute your MMS implementation

Use Info-Tech's three-phase implementation process to guide your planning:

1. Assess

2. Prepare

3. Govern & Course Correct

Download Info-Tech's Governance and Management of Enterprise Software Implementation
Establish and execute an end-to-end, agile framework to succeed with the implementation of a major enterprise application.

Ensure your implementation team has a high degree of trust and communication

If external partners are needed, dedicate an internal resource to managing the vendor and partner relationships.

Communication

Teams must have some type of communication strategy. This can be broken into:

  • Regularity: Having a set time each day to communicate progress and a set day to conduct retrospectives.
  • Ceremonies: Injecting awards and continually emphasizing delivery of value to encourage relationship building and constructive motivation.
  • Escalation: Voicing any concerns and having someone responsible for addressing them.

Proximity

Distributed teams create complexity as communication can break down. This can be mitigated by:

  • Location: Placing teams in proximity to eliminate the barrier of geographical distance and time zone differences.
  • Inclusion: Making a deliberate attempt to pull remote team members into discussions and ceremonies.
  • Communication Tools: Having the right technology (e.g. video conference) to help bring teams closer together virtually.

Trust

Members should trust other members are contributing to the project and completing their required tasks on time. Trust can be developed and maintained by:

  • Accountability: Having frequent quality reviews and feedback sessions. As work becomes more transparent, people become more accountable.
  • Role Clarity: Having a clear definition of what everyone's role is.

Selecting a right-sized MMS platform

This selection guide allows organizations to execute a structured methodology for picking an MMS platform that aligns with their needs. This includes:

  • Alignment and prioritization of key business and technology drivers for an MMS selection business case.
  • Identification of key use cases and requirements for a right-sized MMS platform.
  • A comprehensive market scan of key players in the MMS market space.

This formal MMS selection initiative will drive business-IT alignment, identify pivotal sales and marketing automation priorities, and thereby allow for the rollout of a streamlined MMS platform that is highly likely to satisfy all stakeholder needs.

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop

contact your account representative for more information

workshops@infotech.com

1-888-670-8889

Summary of accomplishment

Knowledge Gained

  • What marketing management is
  • Historical origins of marketing management
  • The future of marketing management
  • Key trends in marketing management suites

Processes Optimized

  • Requirements gathering
  • RFPs and contract reviews
  • Marketing management suite vendor selection
  • Marketing management platform implementation

Marketing Management

  • Adobe Experience Cloud
  • Microsoft Dynamics 365 for Marketing
  • HubSpot Marketing Hub
  • Maropost Marketing Cloud
  • Oracle Marketing Cloud

Vendors Analyzed

  • Salesforce Marketing Cloud
  • SAP
  • Sugar Market
  • Zoho Campaigns

Related Info-Tech Research

Select a Marketing Management Suite

Many organizations struggle with taking a systematic approach to selection that pairs functional requirements with specific marketing workflows, and as a result they choose a marketing management suite (MMS) that is not well aligned to their needs, wasting resources and causing end-user frustration.

Get the Most Out of Your CRM

Customer relationship management (CRM) application portfolios are often messy,
with multiple integration points, distributed data, and limited ongoing end-user training. A properly optimized CRM ecosystem will reduce costs and increase productivity.

Customer Relationship Management Platform Selection Guide

Speed up the process to build your business case and select your CRM solution. Despite the importance of CRM selection and implementation, many organizations struggle to define an approach to picking the right vendor and rolling out the solution in an effective and cost-efficient manner.

Bibliography

"16 Biggest Tech Acquisitions in History." The Economic Times, 28 July 2016. Web.
"Adobe Acquires Demdex – Brings Audience Optimization to $109 Billion Global Online Ad Market." Adobe News, 18 Jan 2011. Accessed Nov 2022.
"Adobe Company History Timeline." Zippia, 9 Sept 2022. Accessed Nov 2022.
"Adobe to acquire Magento for $1.68B." TechCrunch, 21 May 2018. Accessed Dec 2022.
Anderson, Meghan Keaney. "HubSpot Launches European Headquarters." HubSpot Company News, 3 Mar 2013.
Arenas-Gaitán, Jorge, et al. "Complexity of Understanding Consumer Behavior from the Marketing Perspective." Journal of Complexity, vol. 2019, 8 Jan 2019. Accessed Sept 2022.
Bureau of Labor Statistics. "Advertising, Promotions, and Marketing Managers." Occupational Outlook Handbook. U.S. Department of Labor, 8 Sept 2022. Accessed 1 Nov 2022.
"Campaigns." Marketing Hub, HubSpot, n.d. Web.
Conklin, Bob. "Adobe report reveals best marketing practices for B2B growth in 2023 and beyond." Adobe Experience Cloud Blog, 23 Sept 2022. Web.
"Consumer Behavior Stats 2021: The Post-Pandemic Shift in Online Shopping Habit" Nosto.com, 7 April 2022. Accessed Oct 2022.
"Data Collection Overview." Experience League, Adobe.com, n.d. Accessed Dec 2022.
Duduskar, Avinash. "Interview with Tony Chen, CEO at Channel Factory." MarTech Series, 16 June 2017. Accessed Nov 2022.
"Enhanced Release of SAP Digital for Customer Engagement Helps Anyone Go Beyond CRM." SAP News, 8 Dec. 2015. Press release.
Fang, Mingyu. "A Deep Dive into Gucci's Metaverse Practice." Medium.com, 27 Feb 2022. Accessed Oct 2022.
Flanagan, Ellie. "HubSpot Launches Marketing Hub Starter to Give Growing Businesses the Tools They Need to Start Marketing Right." HubSpot Company News, 17 July 2018. Web.
Fleishman, Hannah. "HubStop Announces Pricing of Initial Public Offering." HubSpot Company News, 8 Oct. 204. Web.
Fluckinger, Don. "Adobe to acquire Workfront for $1.5 billion." TechTarget, 10 Nov 2020. Accessed Nov 2022.
Fluckinger, Don. "Microsoft Dynamics 365 adds customer journey orchestration." TechTarget, 2 March 2021. Accessed Nov 2022.
Green Marketing: Explore the Strategy of Green Marketing." Marketing Schools, 19 Nov 2020. Accessed Oct 2022.
Ha, Anthony. "Oracle Announces Its Cross-Platform Marketing Cloud." TechCrunch, 30 April 2014. Web.
Heyd, Kathrin. "Partners Welcome – SAP Customer Engagement Initiative 2022-2 is open for your registration(s)!" SAP Community Blog, 21 June 2022. Accessed Nov 2022.
HubSpot. "Our Story." HubSpot, n.d. Web.
Jackson, Felicia. "Salesforce Tackles Net Zero Credibility As It Adds Sustainability As A Fifth Core Value." Forbes, 16 Feb. 2022. Web.
Kolakowski, Nick. "Salesforce CEO Marc Benioff Talks Social Future." Dice, 19 Sept. 2012. Web.
Lardinois, Frederic. "Microsoft's Q4 earnings beat Street with $22.6B in revenue, $0.69 EPS." TechCrunch, 19 July 2016. Web.
Levine, Barry. "G2 Crowd report finds the two email marketing tools with the highest user satisfaction." Venture Beat, 30 July 2015. Accessed Nov 2022.
Looking Back, Moving Forward: The Evolution of Maropost for Marketing." Maropost Blog, 21 May 2019. Accessed Oct 2022.
Maher, Sarah. "What's new with HubSpot? Inbound 2022 Feature Releases." Six & Flow, 9 July 2022. Accessed Oct 2022.
Marketing Automation Provider, Salesfusion, Continues to Help Marketers Achieve Their Goals With Enhanced User Interface and Powerful Email Designer Updates." Yahoo Finance, 10 Dec 2013. Accessed Oct 2022.
"Maropost Acquires Retail Express for $55 Million+ as it Continues to Dominate the Global Commerce Space." Marapost Newsroom, PRWire.com, 19 Jan 2022. Accessed Nov 2022.
McDowell, Maghan. "Inside Gucci and Roblox's new virtual world." Vogue Business, 17 May 2021. Web.
Miller, Ron. "Adobe and Microsoft expand partnership with Adobe Experience Manager and Dynamics 265 Integration." TechCrunch, 3 Nov 2017. Accessed Nov 2022.
Miller, Ron. "Adobe to acquire Magento for $1.68B" TechCrunch, 21 May 2018. Accessed Nov 2022.
Miller, Ron. "SAP continues to build out customer experience business with Emarys acquisition." TechCrunch, 1 Oct. 2020. Web.
Miller, Ron. "SugarCRM moves into marketing automation with Salesfusion acquisition." TechCrunch, 16 May 2019.
Novet, Jordan. "Adobe confirms it's buying Marketo for $4.75 billion." CNBC, 20 Sept 2018. Accessed Dec 2022.
"Oracle Corp." Encyclopedia.com, n.d. Web.
Phillips, James. "April 2019 Release launches with new AI, mixed reality, and 350+ feature updates." Microsoft Dynamics 365 Blog. Microsoft, 2 April 2019. Web.
S., Aravindhan. "Announcing an important update to Zoho CRM-Zoho Campaigns integration." Zoho Campaigns Community Learning, Zoho, 1 Dec. 2021. Web.
Salesforce. "The History of Salesforce." Salesforce, 19 March 2020. Web.
"Salesfusion Integrates With NetSuite CRM to Simplify Sales and Marketing Alignment" GlobeNewswire, 6 May 2016. Accessed Oct 2022. Press release.
"Salesfusion Integrates With NetSuite CRM to Simplify Sales and Marketing Alignment." Marketwired, 6 May 2016. Web.
"Salesfusion is Now Sugar Market: The Customer FAQ." SugarCRM Blog, 31 July 2019. Web.
"Salesfusion's Marketing Automation Platform Drives Awareness and ROI for Education Technology Provider" GlobeNewswire, 25 June 2015. Accessed Nov 2022. Press release.
SAP. "SAP History." SAP, n.d. Web.
"State of Marketing." 5th Edition, Salesforce, 15 Jan 2019. Accessed Oct 2022.
"Success selects Maropost Marketing Cloud for Marketing Automation." Apps Run The World, 10 Jan 2015. Accessed Nov 2022.
"SugarCRM Acquires SaaS Marketing Automation Innovator Salesfusion." SugarCRM, 16 May 2019. Press release.
Sundaram, Vijay. "Introducing Zoho One." Zoho Blog, 25 July 2017. Web.
"The State of MarTech: Is you MarTech stack working for you?" American Marketing Association, 29 Nov 2021. Accessed Oct 2022.
"Top Marketing Automation Statistics for 2022." Oracle, 15 Jan 2022. Accessed Oct 2022.
Trefis Team. "Oracle Energizes Its Marketing Cloud With New Features." Forbes, 7 April 2015. Accessed Oct 2022.
Vivek, Kumar, et al. "Microsoft Dynamics 365 Customer Engagement (on-premises) Help, version 9.x." Learn Dynamics 365, Microsoft, 9 Jan 2023. Web.
"What's new with HubSpot? Inbound 2022 feature releases" Six and Flow, 9 July 2022. Accessed Nov 2022.
Widman, Jeff. "Salesforce.com Launches The Service Cloud,, A Customer Service SaaS Application." TechCrunch, 15 Jan. 2009. Web.
"Zoho History." Zippia, n.d. Web.
"Zoho Launches Zoho Campaigns." Business Wire, 14 Aug. 2012. Press release.
Zoho. "About Us." Zoho, n.d. Web.

Need hands-on assistance?

Engage Info-Tech for a Software Selection Workshop!

40 Hours of Advisory Assistance Delivered On-Line or In-Person

Select Better Software, Faster.

40 Hours of Expert Analyst Guidance
Project & Stakeholder Management Assistance
Save money, align stakeholders, Speed up the process & make better decisions.
Better, faster results, guaranteed, $25K standard engagement fee

This is an image of the plan for five advisory calls over a five week period.

CLICK HERE to book your Workshop Engagement

CIO Priorities 2022

  • Buy Link or Shortcode: {j2store}328|cart{/j2store}
  • member rating overall impact (scale of 10): 10.0/10 Overall Impact
  • member rating average dollars saved: $31,499 Average $ Saved
  • member rating average days saved: 9 Average Days Saved
  • Parent Category Name: Innovation
  • Parent Category Link: /innovation
  • Understand how to respond to trends affecting your organization.
  • Determine your priorities based on current state and relevant internal factors.
  • Assign the right amount of resources to accomplish your vision.
  • Consider what new challenges outside of your control will demand a response.

Our Advice

Critical Insight

A priority is created when external factors hold strong synergy with internal goals and an organization responds by committing resources to either avert risk or seize opportunity. These are the priorities identified in the report:

  1. Reduce Friction in the Hybrid Operating Model
  2. Improve Your Ransomware Readiness
  3. Support an Employee-Centric Retention Strategy
  4. Design an Automation Platform
  5. Prepare to Report on New Environmental, Social, and Governance Metrics

Impact and Result

Update your strategic roadmap to include priorities that are critical and relevant for your organization based on a balance of external and internal factors.

CIO Priorities 2022 Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. CIO Priorities 2022 – A report on the key priorities for competing in the digital economy.

Discover Info-Tech’s five priorities for CIOs in 2022.

  • CIO Priorities Report for 2022

2. Listen to the podcast series

Hear directly from our contributing experts as they discuss their case studies with Brian Jackson.

  • Frictionless hybrid working: How the Harvard Business School did it
  • Close call with ransomware: A CIO recounts a near security nightmare
  • How a financial services company dodged "The Great Resignation"
  • How Allianz took a blockchain platform from pilot to 1 million transactions
  • CVS Health chairman David Dorman on healthcare's hybrid future

Infographic

Further reading

CIO Priorities 2022

A jumble of business-related words. Info-Tech’s 2022 Tech Trends survey asked CIOs for their top three priorities. Cluster analysis of their open-ended responses shows four key themes:
  1. Business process improvements
  2. Digital transformation or modernization
  3. Security
  4. Supporting revenue growth or recovery

Info-Tech’s annual CIO priorities are formed from proprietary primary data and consultation with our internal experts with CIO stature

2022 Tech Trends Survey CIO Demographic N=123

Info-Tech’s Tech Trends 2022 survey was conducted between August and September 2021 and collected a total of 475 responses from IT decision makers, 123 of which were at the C-level. Fourteen countries and 16 industries are represented in the survey.

2022 IT Talent Trends Survey CIO Demographic N=44

Info-Tech’s IT Talent Trends 2022 survey was conducted between September and October 2021 and collected a total of 245 responses from IT decision makers, 44 of which were at the C-level. A broad range of countries from around the world are represented in the survey.

Internal CIO Panels’ 125 Years Of Combined C-Level IT Experience

Panels of former CIOs at Info-Tech focused on interpreting tech trends data and relating it to client experiences. Panels were conducted between November 2021 and January 2022.

CEO-CIO Alignment Survey Benchmark Completed By 107 Different Organizations

Info-Tech’s CEO-CIO Alignment program helps CIOs align with their supervisors by asking the right questions to ensure that IT stays on the right path. It determines how IT can best support the business’ top priorities and address the gaps in your strategy. In 2021, the benchmark was formed by 107 different organizations.

Build IT alignment

IT Management & Governance Diagnostic Benchmark Completed By 320 Different Organizations

Info-Tech’s Management and Governance Diagnostic helps IT departments assess their strengths and weaknesses, prioritize their processes and build an improvement roadmap, and establish clear ownership of IT processes. In 2021, the benchmark was formed by data from 320 different organizations.

Assess your IT processes

The CIO priorities are informed by Info-Tech’s trends research reports and surveys

Priority: “The fact or condition of being regarded or treated as more important than others.” (Lexico/Oxford)

Trend: “A general direction in which something is developing or changing.” (Lexico/Oxford)

A sequence of processes beginning with 'Sensing', 'Hypothesis', 'Validation', and ending with 'Trends, 'Priorities'. Under Sensing is Technology Research, Interviews & Insights, Gathering, and PESTLE. Under Hypothesis is Near-Future Probabilities, Identify Patterns, Identify Uncertainties, and Identify Human Benefits. Under Validation is Test Hypothesis, Case Studies, and Data-Driven Insights. Under Trends is Technology, Talent, and Industry. Under Priorities is CIO, Applications, Infrastructure, and Security.

Visit Info-Tech’s Trends & Priorities Research Center

Image called 'Defining the CIO Priorities for 2022'. Image shows 4 columns, Implications, Resource Investment, Amplifiers, and Actions and Outcomes, with 2 dotted lines, labeled External Context and Internal Context, running through all 4 columns and leading to bottom-right label called CIO Priorities Formed

The Five Priorities

Priorities to compete in the digital economy

  1. Reduce Friction in the Hybrid Operating Model
  2. Improve Your Ransomware Readiness
  3. Support an Employee-Centric Retention Strategy
  4. Design an Automation Platform
  5. Prepare to Report on New Environmental, Social, and Governance Metrics

Reduce friction in the hybrid operating model

Priority 01 | APO07 Human Resources Management

Deliver solutions that create equity between remote workers and office workers and make collaboration a joy.

Hybrid work is here to stay

CIOs must deal with new pain points related to friction of collaboration

In 2020, CIOs adapted to the pandemic’s disruption to offices by investing in capabilities to enable remote work. With restrictions on gathering in offices, even digital laggards had to shift to an all-remote work model for non-essential workers.

Most popular technologies already invested in to facilitate better collaboration

  • 24% Web Conferencing
  • 23% Instant Messaging
  • 20% Document Collaboration

In 2022, the focus shifts to solving problems created by the new hybrid operating model where some employees are in the office and some are working remotely. Without the ease of collaborating in a central hub, technology can play a role in reducing friction in several areas:

  • Foster more connections between employees. Remote workers are less likely to collaborate with people outside of their department and less likely to spontaneously collaborate with their peers. CIOs should provide a digital employee experience that fosters collaboration habits and keeps workers engaged.
  • Prevent employee attrition. With more workers reevaluating their careers and leaving their jobs, CIOs can help employees feel connected to the overall purpose of the organization. Finding a way to maintain culture in the new context will require new solutions. While conference room technology can be a bane to IT departments, making hybrid meetings effortless to facilitate will be more important.
  • Provide new standards for mediated collaboration. Meeting isn’t as easy as simply gathering around the same table anymore. CIOs need to provide structure around how hybrid meetings are conducted to create equity between all participants. Business continuity processes must also consider potential outages for collaboration services so employees can continue the work despite a major outage.

Three in four organizations have a “hybrid” approach to work. (Tech Trends 2022 Survey)

In most organizations, a hybrid model is being implemented. Only 14.9% of organizations are planning for almost everyone to return to the office, and only 9.9% for almost everyone to work remotely.

Elizabeth Clark

CIO, Harvard Business School

"I want to create experiences that are sticky. That keep people coming back and engaging with their colleagues."

Photo of Elizabeth Clark, CIO, Harvard Business School.

Listen to the Tech Insights podcast:
Frictionless hybrid working: How the Harvard Business School did it

Internal interpretation: Harvard Business School

  • March 2020
    The pandemic disrupts in-class education at Harvard Business School. Their case study method of instruction that depends on in-person, high-quality student engagement is at risk. While students and faculty completed the winter semester remotely, the Dean and administration make the goal to restore the integrity of the classroom experience with equity for both remote and in-person students.
  • May 2020
    A cross-functional task force of about 100 people work intensively, conducting seven formal experiments, 80 smaller tests, and hundreds of polling data points, and a technology and facilities solution is designed: two 4K video cameras capturing both the faculty and the in-class students, new ceiling mics, three 85-inch TV screens, and students joining the videoconference from their laptops. A custom Zoom room, combining three separate rooms, integrated all the elements in one place and integrated with the lecture capture system and learning management system.
  • October 2020
    Sixteen classrooms are renovated to install the new solution. Students return to the classroom but in lower numbers due to limits on in-room capacity, but students rotate between the in-person and remote experience.
  • September 2021
    Renovations for the hybrid solution are complete in 26 classrooms and HBS has determined this will be its standard model for the classroom. The case method of teaching is kept alive and faculty and students are thrilled with the results.
  • November 2021
    HBS is adapting its solution for the classroom to its conference rooms and has built out eight different rooms for a hybrid experience. The 4K cameras and TV screens capture all participants in high fidelity as well as the blackboard.

Photo of a renovated classroom with Zoom participants integrated with the in-person students.
The renovated classrooms integrate all students, whether they are participating remotely or in person. (Image courtesy of Harvard Business School.)

Implications: Organization, Process, Technology

External

  • Organization – About half of IT practitioners in the Tech Trends 2022 survey feel that IT leaders, infrastructure and operations teams, and security teams were “very busy” in 2021. Capacity to adapt to hybrid work could be constrained by these factors.
  • Process – Organizations that want employees to benefit from being back in the office will have to rethink how workers can get more value out of in-person meetings that also require videoconference participation with remote workers.
  • Technology – Fifty-four percent of surveyed IT practitioners say the pandemic raised IT spending compared to the projections they made in 2020. Much of that investment went into adapting to a remote work environment.

Internal

  • Organization – HBS added 30 people to its IT staff on term appointments to develop and implement its hybrid classroom solutions. Hires included instructional designers, support technicians, coordinators, and project managers.
  • Process – Only 25 students out of the full capacity of 95 could be in the classroom due to COVID-19 regulations. On-campus students rotated through the classroom seats. An app was created to post last-minute seat availability to keep the class full.
  • Technology – A Zoom room was created that combines three rooms to provide the full classroom experience: a view of the instructor, a clear view of each student that enlarges when they are speaking, and a view of the blackboard.

Resources Applied

Appetite for Technology

CIOs and their direct supervisors both ranked internal collaboration tools as being a “critical need to adopt” in 2021, according to Info-Tech’s CEO-CIO Alignment Benchmark Report.

Intent to Invest

Ninety-seven percent of IT practitioners plan to invest in technology to facilitate better collaboration between employees in the office and outside the office by the end of 2022, according to Info-Tech’s 2022 Tech Trends survey.

“We got so many nice compliments, which you don’t get in IT all the time. You get all the complaints, but it’s a rare case when people are enthusiastic about something that was delivered.” (Elizabeth Clark, CIO, Harvard Business School)

Harvard Business School

  • IT staff were reassigned from other projects to prioritize building a hybrid classroom solution. A cloud migration and other portfolio projects were put on pause.
  • The annual capital A/V investment was doubled. The amount of spend on conference rooms was tripled.
  • Employees were hired to the media services team at a time when other areas of the organization were frozen.

Outcomes at Harvard Business School

The new normal at Harvard Business School

New normal: HBS has found its new default operating model for the classroom and is extending its solution to its operating environment.

Improved CX: The high-quality experience for students has helped avoid attrition despite the challenges of the pandemic.

Engaged employees: The IT team is also engaged and feels connected to the mission of the school.

Photo of a custom Zoom room bringing together multiple view of the classroom as well as all remote students.
A custom Zoom room brings together multiple different views of the classroom into one single experience for remote students. (Image courtesy of Harvard Business School.)

From Priorities to Action

Make hybrid collaboration a joy

Align with your organization’s goals for collaboration and customer interaction, with the target of high satisfaction for both customers and employees. Invest in capital projects to improve the fidelity of conference rooms, develop and test a new way of working, and increase IT capacity to alleviate pressure points.

Foster both asynchronous and synchronous collaboration approaches to avoid calendars filling up with videoconference meetings to get things done and to accommodate workers contributing from across different time zones.

“We’ll always have hybrid now. It’s opened people’s eyes and now we’re thinking about the future state. What new markets could we explore?” (Elizabeth Clark, CIO, Harvard Business School)

Take the next step

Run Better Meetings
Hybrid, virtual, or in person – set meeting best practices that support your desired meeting norms.

Prepare People Leaders for the Hybrid Work Environment
Set hybrid work up for success by providing people leaders with the tools they need to lead within the new model.

Hoteling and Hot-Desking: A Primer
What you need to know regarding facilities, IT infrastructure, maintenance, security, and vendor solutions for desk hoteling and hot-desking.

“Human Resources Management” gap between importance and effectiveness
Info-Tech Research Group Management and Governance Diagnostic Benchmark 2021

A bar chart illustrating the Human Resources Management gap between importance and effectiveness. The difference is marked as Delta 2.3.

Improve your ransomware readiness

Priority 02 | APO13 Security Strategy

Mitigate the damage of successful ransomware intrusions and make recovery as painless as possible.

The ransomware crisis threatens every organization

Prevention alone won’t be enough against the forces behind ransomware.

Cybersecurity is always top of mind for CIOs but tends to be deprioritized due to other demands related to digital transformation or due to cost pressures. That’s the case when we examine our data for this report.

Cybersecurity ranked as the fourth-most important priority by CIOs in Info-Tech’s 2022 Tech Trends survey, behind business process improvement, digital transformation, and modernization. Popular ways to prepare for a successful attack include creating offline backups, purchasing insurance, and deploying new solutions to eradicate ransomware.

CIOs and their direct supervisors ranked “Manage IT-Related Security” as the third-most important top IT priority on Info-Tech’s CEO-CIO Alignment Benchmark for 2021, in support of business goals to manage risk, comply with external regulation, and ensure service continuity.

Most popular ways for organizations to prepare for the event of a successful ransomware attack:

  • 25% Created offline backups
  • 18% Purchased cyberinsurance
  • 19% New tech to eradicate ransomware

Whatever priority an organization places on cybersecurity, when ransomware strikes, it quickly becomes a red alert scenario that disrupts normal operations and requires all hands on deck to respond. Sophisticated attacks executed at wide scale demonstrate that security can be bypassed without creating an alert. After that’s accomplished, the perpetrators build their leverage by exfiltrating data and encrypting critical systems.

CIOs can plan to mitigate ransomware attacks in several constructive ways:

  • Business impact analysis. Determine the costs of an outage for specific periods and the system and data recovery points in time.
  • Engage a partner for 24/7 monitoring. Gain real-time awareness of your critical systems.
  • Review your identity access management (IAM) policies. Use of multi-factor authentication and limiting access to only the roles that need it reduces ransomware risk.

50% of all organizations spent time and money specifically to prevent ransomware in the past year. (Info-Tech Tech Trends 2022 Survey)

John Doe

CIO, mid-sized manufacturing firm in the US

"I want to create experiences that are sticky. That keep people coming back and engaging with their colleagues."

Blank photo.

Listen to the Tech Insights podcast:
Close call with ransomware: a CIO recounts a near security nightmare

Internal interpretation: US-based, mid-sized manufacturing firm

  • May 1, 2021
    A mid-sized manufacturing firm (“The Firm”) CIO gets a call from his head of security about odd things happening on the network. A call is made to Microsoft for support. Later that night, the report is that an unwanted crypto-mining application is the culprit. But a couple of hours later, that assessment is proven wrong when it’s realized that hundreds of systems are staged for a ransomware attack. All the attacker has to do is push the button.
  • May 2, 2021
    The Firm disconnects all its global sites to cut off new pathways for the malware to infect. All normal operations cease for 24 hours. It launches its cybersecurity insurance process. The CIO engages a new security vendor, CrowdStrike, to help respond. Employees begin working from home if they can so they can make use of their own internet service. The Firm has cut off its public internet connectivity and is severed from cloud services such as Azure storage and collaboration software.
  • May 4, 2021
    The hackers behind the attack are revealed by security forensics experts. A state-sponsored agency in Russia set up the ransomware and left it ready to execute. It sold the staged attack to a cybercriminal group, Doppel Spider. According to CrowdStrike, the group uses malware to run “big game hunting operations” and targets 18 different countries including the US and multiple industries, including manufacturing.
  • May 10, 2021
    The Firm has totally recovered from the ransomware incident and avoided any serious breach or paying a ransom. The CIO worked more hours than at any other point in his career, logging an estimated 130 hours over the two weeks.
  • November 2021
    The Firm never previously considered itself a ransomware target but has now reevaluated that stance. It has hired a service provider to run a security operations center on a 24/7 basis. It's implemented a more sophisticated detection and response model and implemented multi-factor authentication. It’s doubled its security spend in 2021 and will invest more in 2022.

“Now we take the approach that if someone does get in, we're going to find them out.” (John Doe, CIO, “The Firm”)

Implications: Organization, Process, Technology

External

  • Organization – Organizations must consider how their employees play a role in preventing ransomware and plan for training to recognize phishing and other common traps. They must make plans for employees to continue their work if systems are disrupted by ransomware.
  • Process – Backup processes across multiple systems should be harmonized to have both recent and common points to recover from. Work with the understanding IT will have to take systems offline if ransomware is discovered and there is no time to ask for permission.
  • Technology – Organizations can benefit from security services provided by a forensics-focused vendor. Putting cybersecurity insurance in place not only provides financial protection but also guidance in what to do and which vendors to work with to prevent and recover from ransomware.

Internal

  • Organization – The Firm was prepared with a business continuity plan to allow many of its employees to work remotely, which was necessary because the office network was incapacitated for ten days during recovery.
  • Process – Executives didn’t seek to assign blame for the security incident but took it as a signal there were some new costs involved to stay in business. It initiated new outsource relationships and hired one more full-time employee to shore up security resources.
  • Technology – New ransomware eradication software was deployed to 2,000 computers. Scripted processes automated much of the work, but in some cases full system rebuilds were required. Backup systems were disconnected from the network as soon as the malware was discovered.

Resources Applied

Consider the Alternative

Organizations should consider how much a ransomware attack on critical systems would cost them if they were down for a minimum of 24-48 hours. Plan to invest an amount at least equal to the costs of that downtime.

Ask for ID

Implementing across-the-board multi-factor authentication reduces chances of infection and is cheap, with enterprise solutions ranging from $2 to $5 per user on average. Be strict and deny access when connections don’t authenticate.

“You'll never stop everything from getting into the network. You can still focus on stopping the bad actors, but then if they do make it in, make sure they don't get far.” (John Doe, CIO, “The Firm”)

“The Firm” (Mid-Sized Manufacturer)

  • During the crisis, The Firm paused all activities and focused solely on isolating and eliminating the ransomware threat.
  • New outsourcing relationship with a vendor provides a 24/7 Security Operations Center.
  • One more full-time employee on the security team.
  • Doubled investment in security in 2021 and will spend more in 2022.

Outcomes at “The Firm” (Mid-Sized Manufacturer)

The new cost of doing business

Real-time security: While The Firm is still investing in prevention-based security, it is also developing its real-time detection and response capabilities. When ransomware makes it through the cracks, it wants to know as soon as possible and stop it.

Leadership commitment: The C-suite is taking the experience as a wake-up call that more investment is required in today’s threat landscape. The Firm rates security more highly as an overall organizational goal, not just something for IT to worry about.

Stock photo of someone using their phone while sitting at a computer, implying multi-factor authentication.
The Firm now uses multi-factor authentication as part of its employee sign-on process. For employees, authenticating is commonly achieved by using a mobile app that receives a secret code from the issuer.

From Priorities to Action

Cybersecurity is everyone’s responsibility

In Info-Tech’s CEO-CIO Alignment Benchmark for 2021, the business goal of “Manage Risk” was the single biggest point of disagreement between CIOs and their direct supervisors. CIOs rank it as the second-most important business goal, while CEOs rank it as sixth-most important.

Organizations should align on managing risk as a top priority given the severity of the ransomware threat. The threat actors and nature of the attacks are such that top leadership must prepare for when ransomware hits. This includes halting operations quickly to contain damage, engaging third-party security forensics experts, and coordinating with government regulators.

Cybersecurity strategies may be challenged to be effective without creating some friction for users. Organizations should look beyond multi-layer prevention strategies and lean toward quick detection and response, spending evenly across prevention, detection, and response solutions.

Take the next step

Create a Ransomware Incident Response Plan
Don’t be the next headline. Determine your current readiness, response plan, and projects to close gaps.

Simplify Identity and Access Management
Select and implement IAM and produce vendor RFPs that will contain the capabilities you need, including multi-factor authentication.

Cybersecurity Series Featuring Sandy Silk
More from Info-Tech’s Senior Workshop Director Sandy Silk in this video series created while she was still at Harvard University.

Gap between CIOs and CEOs in points allocated to “Manage risk” as a top business goal

A bar chart illustrating the gap between CIOs and CEOs in points allocated to 'Manage risk' as a top business goal. The difference is marked as Delta 1.5.

Support an employee-centric retention strategy

Priority 03 | ITRG02 Leadership, Culture & Values

Avoid being a victim of “The Great Resignation” by putting employees at the center of an experience that will engage them with clear career path development, purposeful work, and transparent feedback.

Defining an employee-first culture that improves retention

The Great resignation isn’t good for firms

In 2021, many workers decided to leave their jobs. Working contexts were disrupted by the pandemic and that saw non-essential workers sent home to work, while essential workers were asked to continue to come into work despite the risks of COVID-19. These disruptions may have contributed to many workers reevaluating their professional goals and weighing their values differently. At the same time, 2021 saw a surging economy and many new job opportunities to create a talent-hungry market. Many workers could have been motivated to take a new opportunity to increase their salary or receive other benefits such as more flexibility.

Annual turnover rate for all us employees on the rise

  • 20% – Jan.-Aug. 2020, Dipped from 22% in 2019
  • 25% Jan.-Aug. 2021, New record high
  • Data from Visier Inc.

When you can’t pay them, develop them

IT may be less affected than other departments by this trend. Info-Tech’s 2022 IT Talent Trends Report shows that on average, estimated turnover rate in IT is lower than the rest of the organization. Almost half of respondents estimated their organization’s voluntary turnover rate was 10% or higher. Only 30% of respondents estimate that IT’s voluntary turnover rate is in the same range. However, CIOs working in industries with the highest turnover rates will have to work to keep their workers engaged and satisfied, as IT skills are easily transferred to other industries.

49% ranked “enabling learning & development within IT” as high priority, more than any other single challenge. (IT Talent Trends 2022 Survey, N=227)

A bar chart of 'Industries with highest turnover rates (%)' with 'Leisure and Hospitality' at 6.4%, 'Trade, Transportation & Utilities' at 3.6%, 'Professional and Business' at 3.3%, and 'Other Services' at 3.1%. U.S. Bureau of Labor Statistics, 2022.

Jeff Previte

Executive Vice-President of IT, CrossCountry Mortgage

“We have to get to know the individual at a personal level … Not just talking about the business, but getting to know the person."

Photo of Jeff Previte, Executive Vice-President of IT, CrossCountry Mortgage.

Listen to the Tech Insights podcast:
How a financial services company dodged ‘The Great Resignation’

Internal interpretation: CrossCountry Mortgage

  • May 2019
    Jeff Previte joins Cleveland, Ohio-based CrossCountry Mortgage in the CIO role. The company faces a challenge with employee turnover, particularly in IT. The firm is a sales-focused organization and saw its turnover rate reach as high as 60%. Yet Previte recognized that IT had some meaningful goals to achieve and would need to attract – and retain – some higher caliber talent. His first objective in his new role was to meet with IT employees and business leadership to set priorities.
  • July 2019
    Previte takes a “people-first” approach to leadership and meets his staff face-to-face to understand their personal situations. He sets to work on defining roles and responsibilities in the organization, spending about a fifth of his time on defining the strategy.
  • June 2020
    Previte assigned his leadership team to McLean & Company’s Design an Impactful Employee Development Program. From there, the team developed a Salesforce tool called the Career Development Workbook. “We had some very passionate developers and admins that wanted to build a home-grown tool,” he says. It turns McLean & Company’s process into a digital tool employees can use to reflect on their careers and explore their next steps. It helps facilitate development conversations with managers.
  • January 2021
    CrossCountry Mortgage changes its approach to career development activities. Going to external conferences and training courses is reduced to just 30% of that effort. The rest is by doing hands-on work at the company. Previte aligned with his executives and road-mapped IT projects annually. Based on employee’s interests, opportunities are found to carve out time from usual day-to-day activities to spend time on a project in a new area. When there’s a business need, someone internally can be ready to transition roles.
  • June 2021
    In the two years since joining the company, Previte has reduced the turnover rate to just 12%. The IT department has grown to more adequately meet the needs of the business and employees are engaged with more opportunities to develop their careers. Instead of focusing on compensation, Previte focused more on engaging employees with a developmentally dedicated environment and continuous hands-on learning.

“It’s come down to a culture shift. Folks have an idea of where we’re headed as an organization, where we’re headed as an IT team, and how their role contributes to that.” (Jeff Previte, EVP of IT, CrossCountry Mortgage)

Implications: Organization, Process, Technology

External

  • Organization – A high priority is being placed on improving IT’s maturity through its talent. Enabling learning and development in IT, enabling departmental innovation, and recruiting are the top three highest priorities according to IT Talent Trends 2022 survey responses.
  • Process – Recruiting is more challenging for industries that operate primarily onsite, according to McLean & Company's 2022 HR Trends Report. They face more challenges attracting applications, more rejected offers, and more candidate ghosting compared to remote-capable industries.
  • Technology – Providing a great employee experience through digital tools is more important as many organizations see a mix of workers in the office and at home. These tools can help connect colleagues, foster professional development, and improve the candidate experience.

Internal

  • Organization – CrossCountry Mortgage faced a situation where IT employees did not have clarity on their roles and responsibilities. In terms of salary, it wasn’t offering at the high end compared to other employers in Cleveland.
  • Process – To foster a culture of growth and development, CrossCountry Mortgage put in place a performance assessment system that encouraged reflection and goal setting, aided by collaboration with a manager.
  • Technology – The high turnover rate was limiting CrossCountry Mortgage from achieving the level of maturity it needed to support the company’s goals. It ingrained its new PA process with a custom build of a Salesforce tool.

Resources Applied

Show me the money

Almost six in ten Talent Trends survey respondents identified salary and compensation as the reason that employees resigned in the past year. Organizations looking to engage employees must first pay a fair salary according to market and industry conditions.

Build me up

Professional development and opportunity for innovative work are the next two most common reasons for resignations. Organizations must ensure they create enough capacity to allow workers time to spend on development.

“Building our own solution created an element of engagement. There was a sense of ownership that the team had in thinking through this.” (Jeff Previte, CrossCountry Mortgage)

CrossCountry Mortgage

  • Executive time: CIO spends 10-20% of his time on activities related to designing the approach.
  • Leveraged memberships with Info-Tech Research Group and McLean & Company to define professional development process.
  • Internal IT develops automated workflow in Salesforce.
  • Hired additional IT staff to build out overall capacity and create time for development activities.

Outcomes at CrossCountry Mortgage

Engaged IT workforce

The Great Maturation: IT staff turnover rate dropped to 10-12% and IT talent is developing on the job to improve the department’s overall skill level. More IT staff on hand and more engaged workers mean IT can deliver higher maturity level results.

Alignment achieved: Connecting IT’s initiatives to the vision of the C-suite creates a clear purpose for IT in its initiatives. Staff understand what they need to achieve to progress their careers and can grow while they work.

Photo of employees from CrossCountry Mortgage assisting with a distribution event.
Employees from CrossCountry Mortgage headquarters assist with a drive-thru distribution event for the Cleveland Food Bank on Dec. 17, 2021. (Image courtesy of CrossCountry Mortgage.)

From Priorities to Action

Staff retention is a leadership priority

The Great Resignation trend is bringing attention to employee engagement and staff retention. IT departments are busier than ever during the pandemic as they work overtime to keep up with a remote workforce and new security threats. At the same time, IT talent is among the most coveted on the market.

CIOs need to develop a people-first approach to improve the employee experience. Beyond compensation, IT workers need clarity in terms of their career paths, a direct connection between their work and the goals of the organization, and time set aside for professional development.

Info-Tech’s 2021 benchmark for “Leadership, Culture & Values” shows that most organizations rate this capability very highly (9) but see room to improve on their effectiveness (6.9).

Take the next step

IT Talent Trends 2022
See how IT talent trends are shifting through the pandemic and understand how themes like The Great Resignation has impacted IT.

McLean & Company’s Modernize Performance Management
Customize the building blocks of performance management to best fit organizational needs to impact individual and organizational performance, productivity, and engagement.

Redesign Your IT Organizational Structure
Define future-state work units, roles, and responsibilities that will enable the IT organization to complete the work that needs to be done.

“Leadership, Culture & Values” gap between importance and effectiveness
Info-Tech Research Group Management and Governance Diagnostic Benchmark 2021

A bar chart illustrating the 'Leadership, Culture & Values' gap between importance and effectiveness. The difference is marked as Delta 2.1.

Design an automation platform

Priority 04 | APO04 Innovation

Position yourself to buy or build a platform that will enable new automation opportunities through seamless integration.

Build it or buy it, but platform integration can yield great benefits

Necessity is the mother of innovation

When it’s said that digital transformation accelerated during the pandemic, what’s really meant is that processes that were formerly done manually became automated through software. In responses to the Tech Trends survey, CIOs say digital transformation was more of a focus during the pandemic, and eight in ten CIOs also say they shifted more than 20% of their organization’s processes to digital during the pandemic. Automating tasks through software can be called digitalization.

Most organizations became more digitalized during the pandemic. But how they pursued it depends on their IT maturity. For digital laggards, partnering with a technology services platform is the path of least resistance. For sophisticated innovators, they can consider building a platform to address the specific needs of their business process. Doing so requires the foundation of an existing “digital factory” or innovation arm where new technologies can be tested, proofs of concept developed, and external partnerships formed. Patience is key with these efforts, as not every investment will yield immediate returns and some will fail outright.

Build it or buy it, platform participants integrate with their existing systems through application programming interfaces (APIs). Organizations should determine their platform strategies based on maturity, then look to integrate the business processes that will yield the most gains.

What role should you play in the platform ecosystem?

A table with levels on the maturity ladder laid out as a sprint. Column headers are maturity levels 'Struggle', 'Support', 'Optimize', 'Expand', and 'Transform', row headers are 'Maturity' and 'Role'. Roles are assigned to one or many levels. 'Improve' is solely under Struggle. 'Integrate' spans from Support to Transform. 'Buy' spans Support to Expand. 'Build' begins midway through Expand and all of Transform. 'Partner' spans from Optimize to halfway through Transform.

68% of CIOs say digital transformation became much more of a focus for their organization during the pandemic (Info-Tech Tech Trends 2022 Survey)

Bob Crozier

Chief Architect, Allianz Technology & Global Head of Blockchain, Allianz Technology SE

"Smart contracts are really just workflows between counterparties."

Photo of Bob Crozier, Chief Architect, Allianz Technology & Global Head of Blockchain, Allianz Technology SE.

Listen to the Tech Insights podcast:
How Allianz took a blockchain platform from pilot to 1 million transactions

Internal interpretation: Allianz Technology

  • 2015
    After smart contracts are demonstrated on the Ethereum blockchain, Allianz and other insurers recognize the business value. There is potential to use the capability to administer a complex, multi-party contract where the presence of the reinsurer in the risk transfer ecosystem is required. Manual contracts could be turned into code and automated. Allianz organized an early proof of concept around a theoretical pandemic excessive loss contract.
  • 2018
    Allianz Chief Architect Bob Crozier is leading the Global Blockchain Center of Competence for Allianz. They educate Allianz on the value of blockchain for business. They also partner with a joint venture between the Technology University of Munich and the state of Bavaria. A cohort of Masters students is looking for real business problems to solve with open-source distributed ledger technology. Allianz puts its problem statement in front of the group. A student team presents a proof of concept for an international motor insurance claims settlement and it comes in second place at a pitch day competition.
  • 2019
    Allianz brings the concept back in-house, and its business leaders return to the concept. Startup Luther Systems is engaged to build a minimum-viable product for the solution, with the goal being a pilot involving three or four subsidiaries in different countries. The Blockchain Center begins communicating with 25 Allianz subsidiaries that will eventually deploy the platform.
  • 2020
    Allianz is in build mode on its international motor insurance claims platform. It leverages its internal Dev/SecOps teams based in Munich and in India.
  • May 2021
    Allianz goes live with its new platform on May 17, decommissioning its old system and migrating all live claims data onto the new blockchain platform. It sees 400 concurrent users go live across Europe.
  • January 2022
    Allianz mines its one-millionth block to its ledger on Jan. 19, with each block representing a peer-to-peer transaction across its 25 subsidiaries in different countries. The platform has settled hundreds of millions of dollars.

Stock photo of two people arguing over a car crash.

Implications: Organization, Process, Technology

External

  • Organization – To explore emerging technologies like blockchain, organizations need staff that are accountable for innovation and have leeway to develop proofs of concept. External partners are often required to bring in fresh ideas and move quickly towards an MVP.
  • Process – According to the Tech Trends 2022 survey, 84% of CIOs consider automation a high-value digital capability, and 77% say identity verification is a high-value capability. A blockchain platform using smart contracts can deliver those.
  • Technology – The Linux Foundation’s Hyperledger Fabric is an open-source blockchain technology that’s become popular in the financial industry for its method of forming consensus and its modular architecture. It’s been adopted by USAA, MasterCard, and PayPal. It also underpins the IBM Blockchain Platform and is supported by Azure Blockchain.

Internal

  • Organization – Allianz is a holding company that owns Allianz Technology and 25 operating entities across Europe. It uses the technology arm to innovate on the business process and creates shared platforms that its entities can integrate with to automate across the value chain.
  • Process – Initial interest in smart contracts on blockchain were funneled into a student competition, where a proof of concept was developed. Allianz partnered with a startup to develop an MVP, then developed the platform while aligning with its business units ahead of launch.
  • Technology – Allianz built its blockchain platform on Hyperledger Fabric because it was a permissioned system, unlike other public permissionless blockchains such as Ethereum, and because its mining mechanism was much more energy efficient compared to other blockchains using Proof of Work consensus models.

Resources Applied

Time to innovate

Exploring emerging technology for potential use cases is difficult for staff tasked with running day-to-day operations. Organizations serious about innovation create a separate team that can focus on “moonshot” projects and connect with external partners.

Long-term ROI

Automation of new business processes often requires a high upfront initial investment for a long-term efficiency gain. A proof of concept should demonstrate clear business value that can be repeated often and for a long period.

“My next project has to deliver in the tens of millions of value in return. The bar is high and that’s what it should be for a business of our size.” (Bob Crozier, Allianz)

Allianz

  • Several operating entities from different countries supplied subject matter expertise and helped with the testing process.
  • Allianz Technology team has eight staff members. It is augmented by Luther Systems and the team at industry group B3i.
  • Funding of less than $5 million to develop. Dev team continues to add improvements.
  • Operating requires just one full-time employee plus infrastructure costs, mostly for public cloud hosting.

Outcomes at Allianz

From insurer to platform provider

Deliver your own SaaS: Allianz Technology built its blockchain-based claims settlement platform and its subsidiaries consume it as software as a service. The platform runs on a distributed architecture across Europe, with each node running the same version of the software. Operating entities can also integrate their own systems to the platform via APIs and further automate business processes such as billing.

Ready to scale: After processing one million transactions, the international claims settlement platform is proven and ready to add more participants. Crozier sees auto repair shops and auto manufacturers as the next logical users.

Stock photo of Blockchain.
Allianz is a shareholder of the Blockchain Insurance Industry Initiative (B3i). It is providing a platform used by a group of insurance companies in the commercial and reinsurance space.

When should we use blockchain? THREE key criteria:

  • Redundant processes
    Different entities follow the same process to achieve the desired outcome.
  • Audit trail
    Accountability in the decision making must be documented.
  • Reconciliation
    Parties need to be able to resolve disputes by tracing back to the truth.

From Priorities to Action

It’s a build vs. buy question for platforms

Allianz was able to build a platform for its group of European subsidiaries because of its established digital factory and commitment to innovation. Allianz Technology is at the “innovate” level of IT maturity, allowing it to create a platform that subsidiaries can integrate with via APIs. For firms that are lower on the IT maturity scale, buying a platform solution is the better path to automation. These firms will be concerned with integrating their legacy systems to platforms that can reduce the friction of their operating environments and introduce modern new capabilities.

From Info-Tech’s Build a Winning Business Process Automation Playbook

An infographic comparing pros and cons of Build versus Buy. On the 'Build: High Delivery Capacity & Capability' side is 'Custom Development', 'Data Integration', 'AI/ML', 'Configuration', 'Native Workflow', and 'Low & No Code'. On the 'Buy: Low Delivery Capacity & Capability' side is 'Outsource Development', 'iPaaS', 'Chatbots', 'iBPMS & Rules Engines', 'RPA', and 'Point Solutions'.

Take the next step

Accelerate Your Automation Processes
Integrate automation solutions and take the first steps to building an automation suite.

Build Effective Enterprise Integration on the Back of Business Process
From the backend to the frontlines – let enterprise integration help your business processes fly.

Evolve Your Business Through Innovation
Innovation teams are tasked with the responsibility of ensuring that their organizations are in the best position to succeed while the world is in a period of turmoil, chaos, and uncertainty.

“Innovation” gap between importance and effectiveness Info-Tech Research Group Management and Governance Diagnostic Benchmark 2021

A bar chart illustrating the 'Innovation' gap between importance and effectiveness. The difference is marked as Delta 2.1.

Prepare to report on new environmental, social, and governance (ESG) metrics

Priority 05 | ITRG06 Business Intelligence and Reporting

Be ready to either lead or support initiatives to meet the criteria of new ESG reporting mandates and work toward disclosure reporting solutions.

Time to get serious about ESG

What does CSR or ESG mean to a CIO?

Humans are putting increasing pressure on the planet’s natural environment and creating catastrophic risks as a result. Efforts to mitigate these risks have been underway for the past 30 years, but in the decade ahead regulators are likely to impose more strict requirements that will be linked to the financial value of an organization. Various voluntary frameworks exist for reporting on environmental, social, and governance (ESG) or corporate social responsibility (CSR) metrics. But now there are efforts underway to unify and clarify those standards.

The most advanced effort toward a global set of standards is in the environmental area. At the United Nations’ COP26 summit in Scotland last November, the International Sustainability Standards Board (ISSB) announced its headquarters (Frankfurt) and three other international office locations (Montreal, San Francisco, and London) and its roadmap for public consultations. It is working with an array of voluntary standards groups toward a consensus.

In Info-Tech’s 2022 Tech Trends survey, two-thirds of CIOs say their organization is committed to reducing greenhouse gas emissions, yet only 40% say their organizational leadership is very concerned with reducing those emissions. CIOs will need to consider how to align organizational concern with internal commitments and new regulatory pressures. They may investigate new real-time reporting solutions that could serve as a competitive differentiator on ESG.

Standards informing the ISSB’s global set of climate standards

A row of logos of organizations that inform ISSB's global set of climate standards.

67% of CIOs say their organization is committed to reducing greenhouse gases, with one-third saying that commitment is public. (Info-Tech Tech Trends 2022 Survey)

40% of CIOs say their organizational leadership is very concerned with reducing greenhouse gas emissions.

David W. Dorman

Chairman of the board, CVS Health

“ESG is a question of what you do in the microcosm of your company to make sure there is a clear, level playing field – that there is a color-blind, gender-blind meritocracy available – that you are aware that not in every case can you achieve that without really focusing on it. It’s not going to happen on its own. That’s why our commitments have real dollars behind them and real focus behind them because we want to be the very best at doing them.”

Photo of David W. Dorman, Chairman of the Board, CVS Health.

Listen to the Tech Insights podcast:
CVS Health chairman David Dorman on healthcare's hybrid future

Internal interpretation: CVS Health

CVS Health established a new steering committee of senior leaders in 2020 to oversee ESG commitments. It designs its corporate social responsibility strategy, Transform Health 2030, by aligning company activities in four key areas: healthy people, healthy business, healthy planet, and healthy community. The strategy aligns with the United Nations’ Sustainable Development Goals. In alignment with these goals, CVS identifies material topics where the company has the most ability to make an impact. In 2020, its top three topics were:

  1. Access to quality health care
  2. Patient and customer safety
  3. Data protection and privacy
Material Topic
Access to quality health care
Material Topic
Patient and customer safety
Material Topic
Data protection and privacy
Technology Initiative
MinuteClinic’s Virtual Collaboration for Nurses

CVS provided Apple iPads compliant with the Health Insurance Portability and Accountability Act (HIPAA) to clinics in a phased approach, providing training to more than 700 providers in 26 states by February 2021. Nurses could use the iPads to attend virtual morning huddles and access clinical education. Nurses could connect virtually with other healthcare experts to collaborate on delivering patient care in real-time. The project was able to scale across the country through a $50,000 American Nurses Credentialing Center Pathway Award. (Wolters Kluwer Health, Inc.)

Technology Initiative
MinuteClinic’s E-Clinic

MinuteClinics launched this telehealth solution in response to the pandemic, rolling it out in three weeks. The solution complemented video visits delivered in partnership with the Teladoc platform. Visits cost $59 and are covered by Aetna insurance plans, a subsidiary of CVS Health. It hosted more than 20,000 E-Clinic visits through the end of 2020. CVS connected its HealthHUBs to the solution to increase capacity in place of walk-in appointments and managed patients via phone for medication adherence and care plans. CVS also helped behavioral health providers transition patients to virtual visits. (CVS Health)

Technology Initiative
Next Generation Authentication Platform

CVS patented this solution to authenticate customers accessing digital channels. It makes use of the available biometrics data and contextual information to validate identity without the need for a password. CVS planned to extend the platform to voice channels as well, using voiceprint technology. The solution prevents unauthorized access to sensitive health data while providing seamless access for customers. (LinkedIn)

Implications: Organization, Process, Technology

External

  • Organization – Since the mid-2010s, younger investors have demonstrated reliance on ESG data when making investment decisions, resulting in the creation of voluntary standards that offered varied approaches. Organizations in ESG exchange-traded funds are outperforming the overall S&P 500 (S&P Global Market Intelligence).
  • Process – Organizations are issuing ESG reports today despite the absence of clear rules to follow for reporting results. With regulators expected to step in to establish more rigid guidelines, many organizations will need to revisit their approach to ESG reports.
  • Technology – Real-time reporting of ESG metrics will become a competitive advantage before 2030. Engineering a solution that can alert organizations to poor performance on ESG measures and allow them to respond could avert losing market value.

Internal

  • Organization – CVS Health established an ESG Steering Committee in 2020 composed of senior leaders including its chief governance officers, chief sustainability officer, chief risk officer, and controller and SVP of investor relations. It is supported by the ESG Operating Committee.
  • Process – CVS conducts a materiality assessment in accordance with Global Reporting Initiative standards to determine the most significant ESG impacts it can make and what topics most influence the decisions of stakeholders. It engages with various stakeholder groups on CSR topics.
  • Technology – CVS technology initiatives during the pandemic focused on supporting patients and employees in collaborating on health care delivery using virtual solutions, providing rich digital experiences that are easily accessible while upholding high security and privacy standards.

Resources Applied

Lack of commitment

While 83% of businesses state support for the Sustainable Development Goals outlined by the Global Reporting Initiative (GRI), only 40% make measurable commitments to their goals.

Show your work

The GRI recommends organizations not only align their activities with sustainable development goals but also demonstrate contributions to specific targets in reporting on the positive actions they carry out. (GRI, “State of Progress: Business Contributions to the SDGS.”)

“We end up with a longstanding commitment to diversity because that’s what our customer base looks like.” (David Dorman, CVS Health)

CVS Health

  • The MinuteClinic Virtual Collaboration solution was piloted in Houston, demonstrated success, and won additional $50,000 funding from the Pathway to Excellence Award to scale the program across the country (Wolters Kluwer Health, Inc.).
  • The Next-Gen Authentication solution is provided by the vendor HYPR. It is deployed to ten million users and looking to scale to 30 million more. Pricing for enterprises is quoted at $1 per user, but volume pricing would apply to CVS (HYPR).

Outcomes at CVS Health

Delivering on hybrid healthcare solutions

iPads for collaboration: Healthcare practitioners in the MinuteClinic Virtual Collaboration initiative agreed that it improved the use of interprofessional teams, working well virtually with others, and improved access to professional resources (Wolters Kluwer Health, Inc.)

Remote healthcare: Saw a 400% increase in MinuteClinic virtual visits in 2020 (CVS Health).

Verified ID: The Next Generation Authentication platform allowed customers to register for a COVID-19 vaccination appointment. CVS has delivered more than 50 million vaccines (LinkedIn).

Stock photo of a doctor with an iPad.
CVS Health is making use of digital channels to connect its customers and health practitioners to a services platform that can supplement visits to a retail or clinic location to receive diagnostics and first-hand care.

From Priorities to Action

Become your organization’s ESG Expert

The risks posed to organizations and wider society are becoming more severe, driving a transition from voluntary frameworks for ESG goals to a mandatory one that’s enforced by investors and governments. Organizations will be expected to tie their core activities to a defined set of ESG goals and maintain a balance sheet of their positive and negative impacts. CIOs should become experts in ESG disclosure requirements and recommend the steps needed to meet or exceed competitors’ efforts. If a leadership vacuum for ESG accountability exists, CIOs can either seek to support their peers that are likely to become accountable or take a leadership role in overseeing the area. CIOs should start working toward solutions that deliver real-time reporting on ESG goals to make reporting frictionless.

“If you don’t have ESG oversight at the highest levels of the company, it won’t wind up getting the focus. That’s why we review it at the Board multiple times per year. We have an annual report, we compare how we did, what we intended to do, where did we fall short, where did we exceed, and where we can run for daylight to do more.” (David Dorman, CVS Health)

Take the next step

ESG Disclosures: How Will We Record Status Updates on the World We Are Creating?
Prepare for the era of mandated environmental, social, and governance disclosures.

Private Equity and Venture Capital Growing Impact of ESG Report
Learn about how the growing impact of ESG affects both your organization and IT specifically, including challenges and opportunities, with expert assistance.

“Business Intelligence and Reporting” gap between importance and effectiveness
Info-Tech Research Group Management and Governance Diagnostic Benchmark 2021

A bar chart illustrating the 'BI and Reporting' gap between importance and effectiveness. The difference is marked as Delta 2.4.

The Five Priorities

Priorities to compete in the digital economy

  1. Reduce Friction in the Hybrid Operating Model
  2. Improve Your Ransomware Readiness
  3. Support an Employee-Centric Retention Strategy
  4. Design an Automation Platform
  5. Prepare to Report on New Environmental, Social, and Governance Metrics

Contributing Experts

Elizabeth Clark

CIO, Harvard Business School
Photo of Elizabeth Clark, CIO, Harvard Business School.

Jeff Previte

Executive Vice-President of IT, CrossCountry Mortgage
Photo of Jeff Previte, Executive Vice-President of IT, CrossCountry Mortgage.

Bob Crozier

Chief Architect, Allianz Technology & Global Head of Blockchain, Allianz Technology SE
Photo of Bob Crozier, Chief Architect, Allianz Technology & Global Head of Blockchain, Allianz Technology SE.

David W. Dorman

Chairman of the Board, CVS Health
Photo of David W. Dorman, Chairman of the Board, CVS Health.

Info-Tech’s internal CIO panel contributors

  • Bryan Tutor
  • John Kemp
  • Mike Schembri
  • Janice Clatterbuck
  • Sandy Silk
  • Sallie Wright
  • David Wallace
  • Ken McGee
  • Mike Tweedie
  • Cole Cioran
  • Kevin Tucker
  • Angelina Atkins
  • Yakov Kofner
Photo of an internal CIO panel contributor. Photo of an internal CIO panel contributor.Photo of an internal CIO panel contributor.
Photo of an internal CIO panel contributor.Photo of an internal CIO panel contributor.Photo of an internal CIO panel contributor.Photo of an internal CIO panel contributor.
Photo of an internal CIO panel contributor.Photo of an internal CIO panel contributor.Photo of an internal CIO panel contributor.

Thank you for your support

Logo for the Blockchain Research Institute.
Blockchain Research Institute

Bibliography – CIO Priorities 2022

“2020 Corporate Social Responsibility Report.” CVS Health, 2020, p. 127. Web.

“Adversary: Doppel Spider - Threat Actor.” Crowdstrike Adversary Universe, 2021. Accessed 29 Dec. 2021.

“Aetna CVS Health Success Story.” HYPR, n.d. Accessed 6 Feb. 2022.

Baig, Aamer. “The CIO agenda for the next 12 months: Six make-or-break priorities.” McKinsey Digital, 1 Nov. 2021. Web.

Ball, Sarah, Kristene Diggins, Nairobi Martindale, Angela Patterson, Anne M. Pohnert, Jacinta Thomas, Tammy Todd, and Melissa Bates. “2020 ANCC Pathway Award® winner.” Wolters Kluwer Health, Inc., 2021. Accessed 6 Feb. 2022.

“Canadian Universities Propose Designs for a Central Bank Digital Currency.” Bank of Canada, 11 Feb. 2021. Accessed 14 Dec. 2021.

“Carbon Sequestration in Wetlands.” MN Board of Water and Soil Resources, n.d. Accessed 15 Nov. 2021.

“CCM Honored as a NorthCoast 99 Award Winner.” CrossCountry Mortgage, 1 Dec. 2021. Web.

Cheek, Catherine. “Four Things We Learned About the Resignation Wave–and What to Do Next.” Visier Inc. (blog), 5 Oct. 2021. Web.

“Companies Using Hyperledger Fabric, Market Share, Customers and Competitors.” HG Insights, 2022. Accessed 25 Jan. 2022.

“IFRS Foundation Announces International Sustainability Standards Board, Consolidation with CDSB and VRF, and Publication of Prototype Disclosure Requirements.” IFRS, 3 Nov. 2021. Web.

“IT Priorities for 2022: A CIO Report.” Mindsight, 28 Oct. 2021. Web.

“Job Openings and Labor Turnover Survey.” Databases, Tables & Calculators by Subject, U.S. Bureau of Labor Statistics, 2022. Accessed 9 Feb. 2022.

Kumar, Rashmi, and Michael Krigsman. “CIO Planning and Investment Strategy 2022.” CXOTalk, 13 Sept. 2021. Web.

Leonhardt, Megan. “The Great Resignation Is Hitting These Industries Hardest.” Fortune, 16 Nov. 2021. Accessed 7 Jan. 2022.

“Most companies align with SDGs – but more to do on assessing progress.” Global Reporting Initiative (GRI), 17 Jan. 2022. Web.

Navagamuwa, Roshan. “Beyond Passwords: Enhancing Data Protection and Consumer Experience.” LinkedIn, 15 Dec. 2020.

Ojo, Oluwaseyi. “Achieving Digital Business Transformation Using COBIT 2019.” ISACA, 19 Aug. 2019. Web.

“Priority.” Lexico.com, Oxford University Press, 2021. Web.

Riebold, Jan, and Yannick Bartens. “Reinventing the Digital IT Operating Model for the ‘New Normal.’” Capgemini Worldwide, 3 Nov. 2020. Web.

Samuels, Mark. “The CIO’s next priority: Using the tech budget for growth.” ZDNet, 1 Sept. 2021. Accessed 1 Nov. 2021.

Sayer, Peter. “Exclusive Survey: CIOs Outline Tech Priorities for 2021-22.” CIO, 5 Oct. 2021. Web.

Shacklett, Mary E. “Where IT Leaders Are Likely to Spend Budget in 2022.” InformationWeek, 10 Aug. 2021. Web.

“Table 4. Quits Levels and Rates by Industry and Region, Seasonally Adjusted - 2021 M11 Results.” U.S. Bureau of Labor Statistics, Economic News Release, 1 Jan. 2022. Accessed 7 Jan. 2022.

“Technology Priorities CIOs Must Address in 2022.” Gartner, 19 Oct. 2021. Accessed 1 Nov. 2021.

Thomson, Joel. Technology, Talent, and the Future Workplace: Canadian CIO Outlook 2021. The Conference Board of Canada, 7 Dec. 2021. Web.

“Trend.” Lexico.com, Oxford University Press, 2021. Web.

Vellante, Dave. “CIOs signal hybrid work will power tech spending through 2022.” SiliconANGLE, 25 Sept. 2021. Web.

Whieldon, Esther, and Robert Clark. “ESG funds beat out S&P 500 in 1st year of COVID-19; how 1 fund shot to the top.” S&P Global Market Intelligence, April 2021. Accessed Dec. 2021.

Adopt Change Management Practices and Succeed at IT Organizational Redesign

  • Buy Link or Shortcode: {j2store}393|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Organizational Design
  • Parent Category Link: /organizational-design

Organizational redesigns frequently fail when it comes to being executed. This leads to:

  • The loss of critical talent and institutional knowledge.
  • An inability to deliver on strategic goals and objectives.
  • Financial and time losses to the organization.

Organizational redesigns fail during implementation primarily because they do not consider the change management required to succeed.

Our Advice

Critical Insight

Implementing your organizational design with good change management practices is more important than defining the new organizational structure.

Implementation is often negatively impacted due to:

  • Employees not understanding the need to redesign the organizational structure or operating model.
  • Employees not being communicated with or engaged throughout the process, which can cause chaos.
  • Managers not being prepared or trained to have difficult conversations with employees.

Impact and Result

When good change management practices are used and embedded into the implementation process:

  • Employees feel respected and engaged, reducing turnover and productivity loss.
  • The desired operating structure can be implemented faster, enabling the delivery of strategic objectives.
  • Gaps and disorganization are avoided, saving the organization time and money.

Invest change management for your IT redesign.

Adopt Change Management Practices and Succeed at IT Organizational Redesign Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Adopt Change Management Practices and Succeed at IT Organizational Redesign Deck – Succeed at implementing your IT organizational structure by adopting the necessary change management practices.

The best IT organizational structure will still fail to be implemented if the organization does not leverage and use good change management practices. Consider practices such as aligning the structure to a meaningful vision, preparing leadership, communicating frequently, including employees, and measuring adoption to succeed at organizational redesign implementation.

  • Adopt Change Management Practices and Succeed at IT Organizational Redesign Storyboard

2. IT Organizational Redesign Pulse Survey Template – A survey template that can be used to measure the success of your change management practices during organizational redesign implementation.

Taking regular pulse checks of employees and managers during the transition will enable IT Leaders to focus on the right practices to enable adoption.

  • IT Organizational Redesign Pulse Survey Template
[infographic]

Further reading

Adopt Change Management Practices & Succeed at IT Organizational Redesign

The perfect IT organizational structure will fail to be implemented if there is no change management.

Analyst Perspective

Don’t doom your organizational redesign efforts

The image contains a picture of Brittany Lutes.

After helping hundreds of organizations across public and private sector industries redesign their organizational structure, we can say there is one thing that will always doom this effort: A failure to properly identify and implement change management efforts into the process.

Employees will not simply move forward with the changes you suggest just because you as the CIO are making them. You need to be prepared to describe the individual benefits each employee can expect to receive from the new structure. Moreover, it has to be clear why this change was needed in the first place. Redesign efforts should be driven by a clear need to align to the organization’s vision and support the various objectives that will need to take place.

Most organizations do a great job defining a new organizational structure. They identify a way of operating that tells them how they need to align their IT capabilities to deliver on strategic objectives. What most organizations do poorly is invest in their people to ensure they can adopt this new way of operating.

Brittany Lutes
Research Director, Organizational Transformation

Info-Tech Research Group

Executive Summary

Your Challenge

Common Obstacles

Info-Tech’s Approach

Organizational redesigns frequently fail when it comes to being executed. This leads to:

  • The loss of critical talent and institutional knowledge.
  • An inability to deliver on strategic goals and objectives.
  • Financial and time losses to the organization.

Organizational redesigns fail during implementation primarily because they do not consider the change management required to succeed.

Implementation of the organizational redesign is often impacted when:

  • Employees do not understand the need to redesign the organizational structure or operating model.
  • Employees are not communicated with or engaged throughout the process, which can cause chaos.
  • Managers are not prepared or trained to have difficult conversations with employees.

Essentially, implementation is impacted when change management is not included in the redesign process.

When good change management practices are used and embedded into the implementation process:

  • Employees feel respected and engaged, reducing turnover and productivity loss.
  • The desired operating structure can be implemented faster, enabling the delivery of strategic objectives.
  • Gaps and disorganization are avoided, saving the organization time and money.

Invest in change management for your IT redesign.

Info-Tech Insight

Implementing your organizational design with good change management practices is more important than defining the new organizational structure.

Your challenge

This research enables organizations to succeed at their organizational redesign:

  • By implementing the right change management practices. These methods prevent:
    • The loss of critical IT employees who will voluntarily exit the organization.
    • Employees from creating rumors that will be detrimental to the change.
    • Confusion about why the change was needed and how it will benefit the strategic objectives the organization is seeking to achieve.
    • Spending resources (time, money, and people) on the initiative longer than is necessary.

McKinsey reported less than 25% of organizational redesigns are successful. Which is worse than the average change initiative, which has a 70% failure rate.

Source: AlignOrg, 2020.

The value of the organizational redesign efforts is determined by the percentage of individuals who adopt the changes and operate in the desired way of working.

When organizations properly use organizational design processes, they are:

4× more likely to delight customers

13× more effective at innovation

27× more likely to retain employees

Source: The Josh Bersin Company, 2022

Common obstacles

These barriers make implementing an organizational redesign difficult to address for many organizations:

  • You communicated the wrong message to the wrong audience at the wrong time. Repeatedly.
  • There is a lack of clarity around the drivers for an organizational redesign.
  • A readiness assessment was not completed ahead of the changes.
  • There is no flexibility built into the implementation approach.
  • The structure is not aligned to the strategic goals of IT and the organization.
  • IT leadership is not involved in their staff’s day-to-day activities, making it difficult to suggest realistic changes.

Don’t doom your organizational redesign with poor change management

Only 17% of frontline employees believe the lines of communication are open.

Source: Taylor Reach Group, 2019

43% Percentage of organizations that are ineffective at the organizational design methodology.

Source: The Josh Bersin Company, 2022.

Change management is a must for org design

Forgetting change management is the easiest way to fail at redesigning your IT organizational structure

  • Change management is not a business transformation.
  • Change management consists of the practices and approaches your organization takes to support your people through a transformation.
  • Like governance, change management happens regardless of whether it is planned or ad hoc.
  • However, good change management will be intentional and agile, using data to help inform the next action steps you will take.
  • Change management is 100% focused on the people and how to best support them as they learn to understand the need for the change, what skills they must have to support and adopt the change, and eventually to advocate for the change.

"Organizational transformation efforts rarely fail because of bad design, but rather from lack of sufficient attention to the transition from the old organization to the new one."

– Michael D. Watkins & Janet Spencer. ”10 Reason Why Organizational Change Fails.”

Info-Tech’s approach

Redesigning the IT structure depends on good change management

The image contains a screenshot of Info-Tech's approach, and good change management.

Common changes in organizational redesigns

Entirely New Teams

Additions, reductions, or new creations. The individuals that make up a functional team can shift.

New Team Members

As roles become defined, some members might be required to shift and join already established groups.

New Responsibilities

The capabilities individuals will be accountable or responsible for become defined.

New Ways of Operating

From waterfall to Agile, collaborative to siloed, your operating model provides insight into the ways roles will engage one another.

Top reasons organizational redesigns fail

  1. The rationale for the redesign is not clear.
  2. Managers do not have the skills to lead their teams through a change initiative like organizational redesign.
  3. You communicated the wrong messages at the wrong times to the wrong audiences.
  4. Frontline employees were not included in the process.
  5. The metrics you have to support the initiative are countering one another – if you have metrics at all.
  6. Change management and project management are being treated interchangeably.

Case study: restructuring to reduce

Clear Communication & Continuous Support

Situation

On July 26th, 2022, employees at Shopify – an eCommerce platform – were communicated to by their CEO that a round of layoffs was about to take place. Effective that day, 1,000 employees or 10% of the workforce would be laid off.

In his message to staff, CEO Tobi Lutke admitted he had assumed continual growth in the eCommerce market when the COVID-19 pandemic forced many consumers into online shopping. Unfortunately, it was clear that was not the case.

In his communications, Tobi let people know what to expect throughout the day, and he informed people what supports would be made available to those laid off. Mainly, employees could expect to see a transparent approach to severance pay; support in finding new jobs through coaching, connections, or resume creation; and ongoing payment for new laptops and internet to support those who depend on this connectivity to find new jobs.

Results

Unlike many of the other organizations (e.g. Wayfair and Peloton) that have had to conduct layoffs in 2022, Shopify had a very positive reaction. Many employees took to LinkedIn to thank their previous employer for all that they had learned with the organization and to ask their network to support them in finding new opportunities. Below is a letter from the CEO:

The image contains a screenshot of a letter from the CEO.

Shopify, 2022.
Forbes, 2022.

Aligned to a Meaningful Vision

An organizational redesign must be aligned to a clear and meaningful vision of the organization.

Define the drivers for organizational redesign

And align the structure to execute on those drivers.

  • Your structure should follow your strategy. However, 83% of people in an organization do not fully understand the strategy (PWC, 2017).
  • How can employees be expected to understand why the IT organization needs to be restructured to meet a strategy if the strategy itself is still vague and unclear?
  • When organizations pursue a structural redesign, there are often a few major reasons:
    • Digital/organizational transformation
    • New organizational strategy
    • Acquisition or growth of products, services, or capabilities
    • The need to increase effectiveness
    • Cost savings
  • Creating a line of sight for your employees and leadership team will increase the likelihood that they want to adopt this structure.

“The goal is to align your operating model with your strategy, so it directly supports your differentiating capabilities.”

– PWC, 2017.

How to align structure to strategy

Recommended action steps:

  • Describe the end state of the organizational structure and how long you anticipate it will take to reach that state. It's important that employees be able to visualize the end state of the changes being made.
  • Ensure people understand the vision and goals of the IT organization. Are you having discussions about these? Are managers discussing these? Do people understand that their day-to-day job is intended to support those goals?
  • Create a visual:
    • The goals of the organization → align to the initiatives IT → which require this exact structure to deliver.
  • Do not assume people are willing to move forward with this vision. If people are not willing, assess why and determine if there are benefits specific to the individual that can support them in adopting the future state.
  • Define and communicate the risks of not making the organizational structure changes.

Info-Tech Insight

A trending organizational structure or operating model should never be the driver for an organizational redesign.

IT Leaders Are Not Set Up To Succeed

Empower these leaders to have difficult conversations.

Lacking key leadership capabilities in managers

Technical leaders are common in IT, but people leaders are necessary during the implementation of an organizational structure.

  • Managers are important during a transformational change for many reasons:
    • Managers play a critical role in being able to identify the skill gaps in employees and to help define the next steps in their career path.
    • After the sponsor (CIO) has communicated to the group the what and the why, the personal elements of the change fall to managers.
    • Managers’ displays of disapproval for the redesign can halt the transformation.
  • However, many managers (37%) feel uncomfortable talking to employees and providing feedback if they think it will elicit a negative response (Taylor Reach Group, 2019).
  • Unfortunately, organizational redesign is known for eliciting negative responses from employees as it generates fears around the unknown.
  • Therefore, managers must be able to have conversations with employees to further the successful implementation and adoption of the structure.

“Successful organizational redesign is dependent on the active involvement of different managerial levels."

– Marianne Livijn, “Managing Organizational Redesign: How Organizations Relate Macro and Micro Design.”

They might be managers, but are they leaders?

Recommended action steps:

  • Take time to speak with managers one on one and understand their thoughts, feelings, and understanding of the change.
  • Ensure that middle-managers have an opportunity to express the benefits they believe will be realized through the proposed changes to the organizational chart.
  • Provide IT leaders with leadership training courses (e.g. Info-Tech’s Leadership Programs).
  • Do not allow managers to start sharing and communicating the changes to the organizational structure if they are not demonstrating support for this change. Going forward, the group is all-in or not, but they should never demonstrate not being bought-in when speaking to employees.
  • Ensure IT leaders want to manage people, not just progress to a management position because they cannot climb a technical career ladder within the proposed structure. Provide both types of development opportunities to all employees.
  • Reduce the managers’ span of control to ensure they can properly engage all direct reports and there is no strain on the managers' time.

Info-Tech Insight

47% of direct reports do not agree that their leader is demonstrating the change behaviors. Often, a big reason is that many middle-managers do not understand their own attitudes and beliefs about the change.

Source: McKinsey & Company “How Do We Manage the Change Journey?”

Check out Info-Tech’s Build a Better Manager series to support leadership development

These blueprints will help you create strong IT leaders who can manage their staff and themselves through a transformation.

Build a Better Manager: Basic Management Skills

Build a Better Manager: Personal Leadership

Build a Better Manager: Manage Your People

Build Successful Teams

Transparent & Frequent Communication

Provide employees with several opportunities to hear information and ask questions about the changes.

Communication must be done with intention

Include employees in the conversation to get the most out of your change management.

  • Whether it is a part of a large transformation or a redesign to support a specific goal of IT, begin thinking about how you will communicate the anticipated changes and who you will communicate those changes to right away.
  • The first group of people who need to understand why this initiative is important are the other IT leaders. If they are not included in the process and able to understand the foundational drivers of the initiative, you should not continue to try and gain the support of other members within IT.
  • Communication is critical to the success of the organizational redesign.
  • Communicating the right information at the right time will make the difference between losing critical talent and emerging from the transition successfully.
  • The sponsor of this redesign initiative must be able to communicate the rationale of the changes to the other members of leadership, management, and employees.
  • The sponsor and their change management team must then be prepared to accept the questions, comments, and ideas that members of IT might have around the changes.

"Details about the new organization, along with details of the selection process, should be communicated as they are finalized to all levels of the organization.”

– Courtney Jackson, “7 Reasons Why Organizational Structures Fail.”

Two-way communication is necessary

Recommended action steps:

  • Don't allow rumors to disrupt this initiative – be transparent with people as early as possible.
  • If the organizational restructure will not result in a reduction of staff – let them know! If someone's livelihood (job) is on the line, it increases the likelihood of panic. Let's avoid panic.
  • Provide employees with an opportunity to voice their concerns, questions, and recommendations – so long as you are willing to take that information and address it. Even if the answer to a recommendation is "no" or the answer to a question is "I don't know, but I will find out," you've still let them know their voice was heard in the process.
  • As the CIO, ensure that you are the first person to communicate the changes. You are the sponsor of this initiative – no one else.
  • Create communications that are clear and understandable. Imagine someone who does not work for your organization is hearing the information for the first time. Would they be able to comprehend the changes being suggested?
  • Conduct a pulse survey on the changes to identify whether employees understand the changes and feel heard by the management team.

Info-Tech Insight

The project manager of the organizational redesign should not be the communicator. The CIO and the employees’ direct supervisor should always be the communicators of key change messages.

Communication spectrum

An approach to communication based on the type of redesign taking place

← Business-Mandated Organizational Redesign

Enable Alignment & Increased Effectiveness

IT-Driven & Strategic Organizational Redesign →

Reduction in roles

Cost savings

Requires champions who will maintain employee morale throughout

Communicate with key individuals ahead of time

Restructure of IT roles

Increase effectiveness

Lean on managers & supervisors to provide consistent messaging

Communicate the individual benefits of the change

Increase in IT Roles

Alignment to business model

Frequent and ongoing communication from the beginning

Collaborate with IT groups for input on best structure

Include Employees in the Redesign Process

Stop talking at employees and ensure they are involved in the changes impacting their day-to-day lives.

Employees will enable the change

Old-school approaches to organizational redesign have argued employee engagement is a hinderance to success – it’s not.

  • We often fail to include the employees most impacted by a restructuring in the redesign process. As a result, one of the top reasons employees do not support the change is that they were not included in the change.
  • A big benefit of including employees in the process is it mitigates the emergence of a rumor mill.
  • Moreover, being open to suggestions from staff will help the transformation succeed.
  • Employees can best describe what this transition might entail on a day-to-day basis and the supports they will require to succeed in moving from their current state to their future state.
    • CIOs and other IT leaders are often too far removed from the day-to-day to best describe what will or will not work.
  • When employees feel included in the process, they are more likely to feel like they had a choice in what and how things change.

"To enlist employees, leadership has to be willing to let things get somewhat messy, through intensive, authentic engagement and the involvement of employees in making the transformation work."

– Michael D. Watkins & Janet Spencer, “10 Reasons Why Organizational Change Fails.”

Empowering employees as change agents

Recommended action steps:

  • Do not tell employees what benefits they will gain from this new change. Instead, ask them what benefits they anticipate.
  • Ask employees what challenges they anticipate, and identify actions that can be taken to minimize those challenges.
  • Identify who the social influencers are in the organization by completing an influencer map. The informal social networks in your organization can be powerful drivers of change when the right individuals are brought onboard.
  • Create a change network using those influencers. The change network includes individuals who represent all levels within the organization and can represent the employee perspective. Use them to help communicate the change and identify opportunities to increase the success of adoption: “Engaging influencers in change programs makes them 3.8 times more likely to succeed," (McKinsey & Company, 2020).
  • Ask members of the change network to identify possible resistors of the new IT structure and inform you of why they might be resisting the changes.

Info-Tech Insight

Despite the persistent misconceptions, including employees in the process of a redesign reduces uncertainty and rumors.

Monitor employee engagement & adoption throughout the redesign

Only 22% of organizations include the employee experience as a part of the design process

– The Josh Bersin Company, 2022.
1 2 3
Monitor IT Employee Experience

When Prosci designed their Change Impact Analysis, they identified the ways in which roles will be impacted across 10 different components:

  • Location
  • Process
  • Systems
  • Tools
  • Job roles
  • Critical behaviors
  • Mindset/attitudes/beliefs
  • Reporting structure
  • Performance reviews
  • Compensation

Engaging employees in the process so that they can define how their role might be impacted across these 10 categories not only empowers the employee, but also ensures they are a part of the process.

Source: Prosci, 2019.

Conduct an employee pulse survey

See the next slide for more information on how to create and distribute this survey.

Employee Pulse Survey

Conduct mindful and frequent check-ins with employees

Process to conduct survey:

  1. Using your desired survey solution (e.g. MS Forms, SurveyMonkey, Qualtrics) input the questions into the survey and send to staff. A template of the survey in MS Forms is available here: IT Organizational Redesign Pulse Survey Template.
  2. When sending to staff, ensure that the survey is anonymous and reinforce this message.
  3. Leverage the responses from the survey to learn where there might be opportunities to improve the transformation experience (aligning the structure to the vision, employee inclusion, communication, or managerial support for the change). Review the recommended action steps in this research set for help.
  4. This assessment is intended for frequent but purposeful use. Only send out the survey when you have taken actions in order to improve adoption of the change or have provided communications. The Employee Pulse Survey should be reevaluated on a regular basis until adoption across all four categories reaches the desired state (80-100% adoption is recommended).

The image contains a screenshot of the employee pulse survey.

Define Key Metrics of Adoption & Success

Metrics have a dual benefit of measuring successful implementation and meeting the original drivers.

Measuring the implementation is a two-pronged approach

Both employee adoption and the transformation of the IT structure need to be measured during implementation

  • Organizations that are going through any sort of transformation – such as organizational redesign – should be measuring whether they are successfully on track to meet their target or have already met that goal.
  • Throughout the organizational structure transition, a major factor that will impact the success of that goal is employee willingness to move forward with the changes.
  • However, rather than measuring these two components using hard data, we rely on gut checks that let us know if we think we are on track to gaining adoption and operating in the desired future state.
  • Given how fluid employees and their responses to change can be, conducting a pulse survey at a regular (but strategically identified) interval will provide insight into where the changes will be adopted or resisted.

“Think about intentionally measuring at the moments in the change storyline where feedback will allow leaders to make strategic decisions and interventions.”

– Bradley Wilson, “Employee Survey Questions: The Ultimate Guide.”

Report that the organizational redesign for IT was a success

Recommended action steps:

  • Create clear metrics related to how you will measure the success of the organizational redesign, and communicate those metrics to people. Ensure the metrics are not contrary to the goals of other initiatives or team outcomes.
  • Create one set of metrics related to adoption and another set of metrics tied to the successful completion of the project objective.
    • Are people changing their attitudes and behaviors to reflect the required outcome?
    • Are you meeting the desired outcome of the organizational redesign?
  • Use the metrics to inform how you move forward. Do not attempt the next phase of the organizational transformation before employees have clearly indicated a solid understanding of the changes.
  • Ensure that any metrics used to measure success will not negatively interfere with another team’s progress. The metrics of the group need to work together, not against each other.

Info-Tech Insight

Getting 100% adoption from employees is unlikely. However, if employee adoption is not sitting in the 80-90% range, it is not recommended that you move forward with the next phase of the transformation.

Example sustainment metrics

Driver Goal Measurement Key Performance Indicator (KPI)
Workforce Challenges and Increased Effectiveness Employee Engagement The change in employee engagement before, during, and after the new organizational structure is communicated and implemented.
Increased Effectiveness Alignment of Demand to Resources Does your organization have sufficient resources to meet the demands being placed on your IT organization?
Increased Effectiveness and Workforce Challenges Role Clarity An increase in role clarity or a decrease in role ambiguity.

Increased Effectiveness

Reduction in Silos

Employee effectiveness increases by 27% and efficiency by 53% when provided with role clarity (Effectory, 2019).
Increased Effectiveness Reduction in Silos Frequency of communication channels created (scrum meetings, Teams channels, etc.) specific to the organizational structure intended to reduce silos.
Operating in a New Org. Structure Change Adoption Rate The percentage of employees who have adopted their defined role within the new organizational chart in 3-, 6-, and 12-month increments.
Workforce Challenges Turnover Rate The number of employees who voluntarily leave the organization, citing the organizational redesign.
Workforce Challenges Active Resistors The number of active resistors anticipated related to the change in organizational structure versus the number of active resistors that actually present themselves to the organizational restructuring.
New Capabilities Needed Gap in Capability Delivery The increase in effectiveness in delivering on new capabilities to the IT organization.
Operating in a New Org. Structure Change Adoption Rate The percentage of employees who found the communication around the new organizational structure clear, easy to understand, and open to expressing feedback.
Lack of Business Understanding or Increased Effectiveness Business Satisfaction with IT Increase in business satisfaction toward IT products and services.
Workforce Challenges Employee Performance Increase in individual employee performances on annual/bi-annual reviews.
Adoption Pulse Assessment Increase in overall adoption scores on pulse survey.
Adoption Communication Effectiveness Reduction in the number of employees who are still unsure why the changes are required.
Adoption Leadership Training Percentage of members of leadership attending training to support their development at the managerial level.

Change Management ≠ Project Management

Stop treating the two interchangeably.

IT organizations struggle to mature their OCM capabilities

Because frankly they didn’t need it

  • Change management is all about people.
  • If the success of your organization is dependent on this IT restructuring, it is important to invest the time to do it right.
  • This means it should not be something done off the side of someone's desk.
  • Hire a change manager or look to roles that have a responsibility to deliver on organizational change management.
  • While project success is often measured by if it was delivered on time, on budget, and in scope, change management is adaptable. It can move backward in the process to secure people's willingness to adopt the required behaviors.
  • Strategic organizations recognize it’s not just about pushing an initiative or project forward. It’s about making sure that your employees are willing to move that initiative forward too.
  • A major organizational transformation initiative like restructuring requires you lean into employee adoption and buy-in.

“Only if you have your employees in mind can you implement change effectively and sustainably.”

– Creaholic Pulse Feedback, “Change Management – And Why It Has to Change.”

Take the time to educate & communicate

Recommended action steps:

  • Do not treat change management and project management as synonymous.
  • Hire a change manager to support the organizational redesign transformation.
  • Invest the resources (time, money, people) that can support the change and enable its success. This can look like:
    • Training and development.
    • Hiring the right people.
    • Requesting funds during the redesign process to support the transition.
  • Create a change management plan – and be willing to adjust the timelines or actions of this plan based on the feedback you receive from employees.
  • Implement the new organizational structure in a phased approach. This allows time to receive feedback and address any fears expressed by staff.

Info-Tech Insight

OCM is often not included or used due to a lack of understanding of how it differs from project management.

And an additional five experts across a variety of organizations who wish to remain anonymous.

Research Contributors and Experts

Info-Tech Research Group

Amanda Mathieson Research Director Heather Munoz Executive Counselor Valence Howden Principal Research Director
Ugbad Farah Research Director Lisa Hager Duncan Executive Counselor Alaisdar Graham Executive Counselor
Carlene McCubbin Practice Lead

Related Info-Tech Research

Redesign Your IT Organizational Structure

Build a Strategic IT Workforce Plan

Implement a New IT Organizational Structure

  • Organizational redesign is only as successful as the process leaders engage in.
  • Benchmarking your organizational redesign to other organizations will not work.
  • You could have the best IT employees in the world, but if they aren’t structured well, your organization will still fail in reaching its vision.
  • A well-defined strategic workforce plan (SWP) isn’t just a nice-to-have, it’s a must-have.
  • Integrate as much data as possible into your workforce plan to best prepare you for the future. Without knowledge of your future initiatives, you are filling hypothetical holes.
  • To be successful, you need to understand your strategic initiatives, workforce landscape, and external and internal trends.
  • Organizational design implementations can be highly disruptive for IT staff and business partners. Without a structured approach, IT leaders may experience high turnover, decreased productivity, and resistance to change.
  • CIOs walk a tightrope as they manage operational and emotional turbulence while aiming to improve business satisfaction with IT. Failure to achieve balance could result in irreparable failure.

Bibliography

Aronowitz, Steven, et al. “Getting Organizational Design Right,” McKinsey, 2015. Web.
Ayers, Peg. “5 Ways to Engage Your Front-Line Staff.” Taylor Reach Group, 2019. Web.
Bushard, Brian, and Carlie Porterfield. “Meta Reportedly Scales Down, Again – Here Are the Major US Layoffs This Year.” Forbes, September 28, 2022. Web.
Caruci, Ron. “4 Organizational Design Issues that Most Leaders Misdiagnose.” Harvard Business Review, 2019.
“Change Management – And Why It Has to Change.” Creaholic Pulse Feedback. Web.
“Communication Checklist for Achieving Change Management.” Prosci, 27 Oct. 2022. Web.
“Defining Change Impact.” Prosci. 29 May 2019. Web.
“The Definitive Guide To Organization Design.” The Josh Bersin Company, 2022.
Deshler, Reed. “Five Reasons Organizational Redesigns Fail to Deliver.” AlignOrg. 28 Jan. 2020. Web.
The Fit for Growth Mini Book. PwC, 12 Jan. 2017.
Helfand, Heidi. Dynamic Reteaming: The Art and Wisdom of Changing Teams. 2nd ed., O’Reilly Media, 2020.
Jackson, Courtney. “7 Reasons Why Organizational Structures Fail.” Scott Madden Consultants. Web.
Livijn, Marianne. Managing Organizational Redesign: How Organizations Relate Macro and Micro Design. Doctoral dissertation. Department of Management, Aarhus University, 2020.
Lutke, Tobias. “Changes to Shopify’s Team.” Shopify. 26 July 2022.
McKinsey & Company. “How Do We Manage the Change Journey?” McKinsey & Company.2020.
Pijnacker, Lieke. “HR Analytics: Role Clarity Impacts Performance.” Effectory, 29 Sept. 2019. Web.
Tompkins, Teri C., and Bruce G. Barkis. “Conspiracies in the Workplace: Symptoms and Remedies.” Graziadio Business Review, vol. 21, no. 1, 2021.Web.
“Understanding Organizational Structures.” SHRM,2022.
Watkins, Michael D., and Janet Spencer. “10 Reasons Why Organizational Change Fails.” I by IMD, 10 March 2021. Web.
Wilson, Bradley. “Employee Survey Questions: The Ultimate Guide.” Perceptyx, 1 July 2020. Web.

2020 Security Priorities Report

  • Buy Link or Shortcode: {j2store}245|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Security Strategy & Budgeting
  • Parent Category Link: /security-strategy-and-budgeting

Use this deck to learn what projects security practitioners are prioritizing for 2020. Based on a survey of 460 IT security professionals, this report explains what you need to know about the top five priorities, including:

  • Signals and drivers
  • Benefits
  • Critical uncertainties
  • Case study
  • Implications

While the priorities should in no way be read as prescriptive, this research study provides a high-level guide to understand that priorities drive the initiatives, projects, and responsibilities that make up organizations' security strategies.

Our Advice

Critical Insight

There is always more to do, and if IT leaders are to grow with the business, provide meaningful value, and ascend the ladder to achieve true business partner and innovator status, aggressive prioritization is necessary. Clearly, security has become a priority across organizations, as security budgets have continued to increase over the course of 2019. 2020’s priorities highlight that data security has become the thread that runs through all other security priorities, as data is now the currency of the modern digital economy. As a result, data security has reshaped organizations’ priorities to ensure that data is always protected.

Impact and Result

Ultimately, understanding how changes in technology and patterns of work stand to impact the day-to-day lives of IT staff across seniority and industries will allow you to evaluate what your priorities should be for 2020. Ensure that you’re spending your time right. Use data to validate. Prioritize and implement.

2020 Security Priorities Report Research & Tools

Start here – read the Executive Brief

This storyboard will help you understand what projects security practitioners are prioritizing for 2020.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Data security

Data security often rubs against other organizational priorities like data quality, but organizations need to understand that the way they store, handle, and dispose of data is now under regulatory oversight.

  • 2020 Security Priorities Report – Priority 1: Data Security

2. Cloud security

Cloud security means that organizations can take advantage of automation tools not only for patching and patch management but also to secure code throughout the SDLC. It is clear that cloud will transform how security is performed.

  • 2020 Security Priorities Report – Priority 2: Cloud Security

3. Email security

Email security is critical, since email continues to be one of the top points of ingress for cyberattacks from ransomware to business email compromise.

  • 2020 Security Priorities Report – Priority 3: Email Security

4. Security risk management

Security risk management requires organizations to make decisions based on their individual risk tolerance on such things as machine learning and IoT devices.

  • 2020 Security Priorities Report – Priority 4: Security Risk Management

5. Security awareness and training

Human error continues to be a security issue. In 2020, organizations should tailor their security awareness and training to their people so that they are more secure not only at work but also in life.

  • 2020 Security Priorities Report – Priority 5: Security Awareness and Training
[infographic]

Modernize and Transform Your End-User Computing Strategy

  • Buy Link or Shortcode: {j2store}308|cart{/j2store}
  • member rating overall impact (scale of 10): 9.6/10 Overall Impact
  • member rating average dollars saved: $34,982 Average $ Saved
  • member rating average days saved: 25 Average Days Saved
  • Parent Category Name: End-User Computing Strategy
  • Parent Category Link: /end-user-computing-strategy

IT needs to answer these questions:

  • What types of computing devices, provisioning models, and operating systems should be offered to end users?
  • How will IT support devices?
  • What are the policies and governance surrounding how devices are used?
  • What actions are we taking and when?
  • How do end-user devices support larger corporate priorities and strategies?

Your answers need to balance choice, risk, and cost.

Our Advice

Critical Insight

  • Even if a user has a prestigious tablet, if the apps aren’t built well, they can’t get support on it, or they can’t connect, then that device is useless. Focus on supportability, use cases, connection, and policy – and the device.

Impact and Result

  • Identify desired benefits that align to IT and corporate priorities and strategies.
  • Perform a persona analysis.
  • Define a vision for end-user computing.
  • Define the standard device and app offerings.
  • Improve the supporting services surrounding devices.
  • Develop a roadmap for implementing your strategy.

Modernize and Transform Your End-User Computing Strategy Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. End-User Computing Strategy Deck – A step-by-step document to walk you through end-user computing trends and processes to improve customer satisfaction.

This storyboard will help you identify your goals, build standard offerings for users, define governance and policies around offerings, and develop a roadmap for your EUC program.

  • Modernize and Transform Your End-User Computing Strategy – Phases 1-3

2. End-User Computing Strategy Template – A repository for your current-state and persona analysis to identify technology requirements for each user group.

Use these templates to document your end-user computing strategy. Follow the guidelines in the blueprint and record activity results in the template. The findings will be presented to the management team.

  • End-User Computing Strategy Template
  • User Group Analysis Workbook

3. End-User Computing Ideas Catalog and Standard Offering Guide – Templates that guide you to document the outcome from persona analysis to define standard offerings and policies.

The Ideas Catalog introduces provisioning models, form factors, and supported operating systems. Use the Standard Offering Template to document provisioning models and define computing devices along with apps and peripherals according to the outcome of the user group analysis.

  • Standard End-User Entitlements and Offerings Template
  • End-User Computing Ideas Catalog

4. End-User Computing Policies – Policies that establish requirements for end-user computing.

Use these policy templates to communicate the purposes behind each end-user computing decision and establish company standards, guidelines, and procedures for the purchase of technologies. The policies will ensure purchasing, reimbursement, security, and remote wiping enforcements are consistent and in alignment with the company strategy.

  • Mobile Device Connectivity & Allowance Policy
  • Purchasing Policy
  • Mobile Device Reimbursement Agreement
  • Mobile Device Reimbursement Policy
  • BYOD Acceptable Use Policy
  • Mobile Device Remote Wipe Waiver Template
  • General Security – User Acceptable Use Policy
  • Device Entitlement Policy Template

Infographic

Workshop: Modernize and Transform Your End-User Computing Strategy

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Set the Direction

The Purpose

Dig into the current state and build user persona.

Key Benefits Achieved

Determine your challenges and strengths.

Delineate user IT requirements.

Activities

1.1 Assess the current state of end-user computing.

1.2 Perform SWOT analysis.

1.3 Map benefits to stakeholder drivers and priorities.

1.4 Identify user groups.

1.5 Identify supporting technology.

1.6 Identify opportunities to provide value.

Outputs

SWOT analysis of current state

Goals cascade

Persona analysis

2 Define the Offering

The Purpose

Define your EUC vision and standard offerings.

Key Benefits Achieved

Brainstorm EUC vision and mission.

Find out the standard offerings.

Set the direction for end-user computing to support shift-left enablement.

Activities

2.1 Prioritize benefits.

2.2 Craft a vision and mission statement.

2.3 Identify goals.

2.4 Define guiding principles for your strategy.

2.5 Select a provisioning model for each persona.

2.6 Define the standard device offerings.

2.7 Document each persona's entitlements.

Outputs

Vision statement, mission statement, and guiding principles

Goals and indicators

End-user device entitlements standard

3 Support the Offering

The Purpose

Outline supporting practices and define policies for each use case.

Key Benefits Achieved

Document supporting practices.

Document EUC policies.

Activities

3.1 Define device management tools and approach.

3.2 Identify groups involved in supporting practices.

3.3 Identify opportunities to improve customer service.

3.4 Define acceptable use.

3.5 Define BYOD policies.

3.6 Define procurement and entitlement policies.

3.7 Define security policies.

Outputs

List of management tools for end-user computing

Roles and responsibilities for maintaining the end-user computing environment

Opportunities to improve customer service

End-user computing policy templates

4 Bridge the Gap and Create the Roadmap

The Purpose

Build a user migration roadmap.

Key Benefits Achieved

Make the project a reality by documenting initiatives and building a roadmap.

Activities

4.1 Identify the gaps in devices, user support, use cases, policy & governance, and fitness for use.

4.2 Plan the deployment and user migration journey.

4.3 Document initiatives in the roadmap.

Outputs

Initiatives mapped to practice areas

User migration journey map

Further reading

Modernize and Transform Your End-User Computing Strategy

Support the workforce of the future.

EXECUTIVE BRIEF

Analyst Perspective

Focus beyond the device

It’s easy to think that if we give end users nice devices, then they will be more engaged and they will be happy with IT. If only it were that easy.

Info-Tech Research Group has surveyed over 119,000 people through its CIO Business Vision diagnostic. The results show that a good device is necessary but not enough for high satisfaction with IT. Once a user has a decent device, the other aspects of the user’s experience has a higher impact on their satisfaction with IT.

After all, if a person is trying to run apps designed in the 1990s, if they are struggling to access resources through an underperforming VPN connection, or if they can’t get help when their devices and apps aren’t working, then it doesn’t matter that you gave them a state-of-the-art MacBook or Microsoft Surface.

As you build out your end-user computing strategy to reflect the new reality of today’s workforce, ensure you focus on shifting user support left, modernizing apps to support how users need to work, and ensuring that your network and collaboration tools can support the increased demands. End-user computing teams need to focus beyond the device.

Ken Weston, ITIL MP, PMP, Cert.APM, SMC

Research Director, Infrastructure and Operations Info-Tech Research Group

Mahmoud Ramin, PhD

Senior Research Analyst, Infrastructure and Operations Info-Tech Research Group

Executive Summary

Your Challenge

IT needs to answer these questions:

  • What types of computing devices, provisioning models, and operating systems (OSes) should be offered to end users?
  • How will IT support devices?
  • What are the policies and governance surrounding how devices are used?
  • What actions are we taking and when?
  • How do end-user devices support larger corporate priorities and strategies?

Your answers need to balance choice, risk, and cost.

Common Obstacles

Management paradigms have shifted:

  • OSes, device management, and IT asset management (ITAM) practices have changed.
  • Users expect full capabilities on any personal device.
  • Virtual desktops are switching to the cloud.
  • Low-code/no-code platforms allow the business to manage their own apps or comanage with IT.
  • Work-from-anywhere is the default.
  • Users have higher customer service expectations.

Take end-user computing beyond the OS.

Info-Tech's Approach

This blueprint will help you:

  • Identify desired benefits that align to IT and corporate priorities and strategies.
  • Perform a persona analysis.
  • Define a vision for end-user computing.
  • Define the standard device and app offerings.
  • Improve the supporting services surrounding devices.
  • Develop a roadmap for implementing your strategy.

A good device is necessary for satisfaction with IT but it’s not enough.

If a user has a prestigious tablet but the apps aren’t built well, they can’t get support on it, or they can’t connect to the internet, then that device is useless. Focus on supportability, use cases, connection, policy – and device.

Your challenge

This blueprint will help you build a strategy that answers these questions:

  • What types of computing devices should be offered to end users?
  • What provisioning models will be used?
  • What operating systems are supported?
  • How will IT support devices?
  • What are the policies and governance surrounding how devices are used?
  • What actions are we taking and when?
  • How do end-user devices support larger corporate priorities and strategies?

Definition: End-User Computing (EUC)

End-user computing (EUC) is the domain of information and technology that deals with the devices used by workers to do their jobs. EUC has five focus areas: devices, user support, use cases, policy & governance, and fitness for use.

A good end-user computing strategy will effectively balance:

User Choice

Cost

Risk

The right balance will be unique for every organization.

Strike the right balance

The discussion is larger than desktop support

If IT is an influencer, then you get to drive this conversation. If IT is not an influencer, then you need to support whatever option the business wants.

Cost Risk Choice Result
Higher Education High importance Low importance High importance Full BYOD for professors. Standardized offerings for administration.
Software Development Firms Low importance Medium/High importance High importance Standardized offerings for developers. Virtual desktops for users on BYOD.
Legal Firm Medium importance High importance Low importance Partners offered prestigious devices. Everyone else uses Windows PCs. Virtual desktops and apps for remote access.

Healthcare

High importance High importance Low importance Nurses, janitors, and other frontline staff use shared tablets. Doctors are provisioned their own tablet. Admin staff and doctors are provisioned virtual desktops to maintain security and compliance.
Government High importance High importance Low importance Standardized PC offerings for all employees. MacBooks are provided with justification. Devices managed with Intune and ConfigMgr.

Good devices are necessary for overall IT satisfaction

BUT

Good devices are not enough for high satisfaction

A bad device can ruin a person’s satisfaction with IT

Info-Tech’s CIO Business Vision has shown that when someone is dissatisfied with their device, their satisfaction with IT overall is only 40.92% on average.

When a person is satisfied with their device, their average satisfaction increases by approximately 30 percentage points to 70.22%. (Info-Tech Research Group, CIO Business Vision, 2021; N=119,383)

The image is a bar graph, with the Y-axis labelled Overall IT Satisfaction. There are two bars, one labelled Satisfied With Devices, which is at 70.22%, and the other labelled Dissatisfied With Devices, which is at 40.92%.

Improvements in the service desk, business apps, networks and communication infrastructure, and IT policy all have a higher impact on increasing satisfaction.

For every one-point increase in satisfaction in those areas, respondents’ overall satisfaction with IT increased by the respective percentage of a point. (Info-Tech Research Group, CIO Business Vision, 2021; N=119,409)

The image shows a graphic of five arrows pointing upwards. They are labelled (from right to left): Devices--42.20%; IT Policy--45.90%; Network & Comms Infra--59.49%; Business Apps--63.89%; Service Desk--65.19%, 1.54 times the impact of devices.

End-User Paradigms Have Shifted

Take end-user computing beyond the device

Operating System - OS

Only Windows

  • More choices than ever before

Endpoint Management System - UEM

Group Policy & Client Management

  • Modern & Unified Endpoint Management

Personal Devices - BYOD

Limited to email on phones

  • Full capabilities on any device

IT Asset Management - ITAM

Hands-on with images

  • Zero-touch with provisioning packages

Virtual Desktops - DaaS

Virtual Desktop Infrastructure in the Data Center

  • Desktop-as-a-Service in the cloud

Business-Managed Apps - BMA

Performed by IT

  • Performed by the Business and IT

Work-From-Anywhere - WFA

Rare

  • Default

Customer Satisfaction - C Sat

Phone calls and transactional interactions

  • Self-serve & managing entire experience

Don’t limit your focus to only Windows and Macs

Android is the OS with the largest market share

Users and IT have more choices than ever before

Operating System - OS

Only Windows

  • More choices than ever before

Microsoft is still the dominant player in end-user computing, but Windows has only a fraction of the share it once had.

IT needs to revisit their device management practices. Modern management tools such as unified endpoint management (UEM) tools are better suited than traditional client management tools (CMT) for a cross-platform world.

IT must also revisit their application portfolios. Are business apps supported on Android and iOS or are they only supported on Windows? Is there an opportunity to offer more options to end users? Are end users already running apps and handling sensitive data on Android and iOS through software-as-a-service and bring-your-own-device (BYOD) capabilities in Office 365 and Google apps?

The image shows a bar graph titled OS Market Share, 2011-2021. On the x-axis are OS names with a bar in blue representing their market share in 2011, and a bar in purple showing their market share in 2021. The data shown is as follows: Windows--85.98% (2011), 31.62% (2021); Android--1.22% (2011), 40.85% (2021); iOS--2.1% (2011), 16.42% (2021); Mac OS X--6.19% (2011); 6.8% (2021); Other--4.51% (2011), 4.31% (2021). Source: StatCounter Global Stats.

OS market share is partly driven by the digital divide

If someone must choose between a smartphone and a computer, they go with a smartphone

IT can’t expect everyone to be fluent on Windows and Mac, have a computer at home, or even have home broadband.

Of US adults aged 18-29:

  • 96% have a smartphone (the rest have cellphones).
  • Only 70% of US adults aged 18-29 have a home broadband connection.

Further, only 59% of US adults making less than $30,000/year have a laptop or desktop. (“Mobile Technology” and “Digital Divide,” Pew Research, 2021.)

Globally, people are likelier to have a cell subscription than they are to have access to broadband.

The image is a bar graph, with a list of countries on the X-axis, with each having two bars: blue indicating Fixed Broadband Subscriptions per 100 people and purple indicating Mobile Cellular Subscriptions per 100 people. In all listed countries, the number of Mobile Cellular Subscriptions per 100 people is higher than Fixed Broadband Subscriptions. Source: The World Bank, 2020. Most recent data for USA mobile cellular subscriptions is from 2019.

Embrace new device management paradigms

Endpoint Management System - UEM

Group Policy & Client Management

  • Modern & Unified Endpoint Management

Evaluate enterprise mobility management and unified endpoint management to better support a remote-first, cross-platform reality.

Client Management Tool (CMT)

CMTs such as Microsoft Endpoint Configuration Manager (ConfigMgr, aka SCCM) can be used to distribute apps, apply patches, and enforce group policy.

Enterprise Mobility Management (EMM)

EMM tools allow you to manage multiple device platforms through mobile device management (MDM) protocols. These tools enforce security settings, allow you to push apps to managed devices, and monitor patch compliance through reporting.

EMM tools often support mobile application management (MAM) and mobile content management (MCM). Most EMM tools can manage devices running Windows, Mac OS, iOS, and Android, although there are exceptions.

Unified Endpoint Management (UEM)

UEM solutions combine CMT and EMM for better control of remote computers running Windows or Macs. Examples include:

  • Windows devices comanaged by Intune and ConfigMgr.
  • Mac devices managed by Jamf Pro.
  • Mac devices comanaged by Jamf Pro and Intune.

Most UEM tools can manage devices running Windows, Mac OS, iOS, and Android, allowing IT to manage all end-user devices from a unified tool set (although there are exceptions).

Mobile Application Management (MAM)

MAM provides the ability to package an app with security settings, distribute app updates, and enforce app updates. Some capabilities do not require apps to be enrolled in an EMM or UEM solution.

Mobile Content Management (MCM)

MCM tools distribute files to remote devices. Many MCM solutions allow for security settings to be applied, such as encrypting the files or prohibiting data from leaving the secure container. Examples include OneDrive, Box, and Citrix ShareFile.

Adopt modern management with EMM and UEM – better toolsets for today’s state of EUC

Sacrifice your Group Policy Objects to better manage Windows computers

Windows Management Features Traditional CMT Hybrid UEM Cloud-Based EMM
Group Policy ✔ Primary management approach ✔ Available alongside configuration service providers X Replaced by configuration service providers
Manage remote devices without VPN X X
No longer manage and maintain images X ✔ Images are still available ✔ Images replaced by provisioning packages
Secure and support BYOD X (Certain tools may offer limited MDM capabilities)
Support remote zero-touch provisioning X (Only available via PXE boot)
App, patch, update deployments Via defined distribution points Via defined distribution points or MAM Via MAM

IT asset management practices are shifting

IT Asset Management - ITAM

Hands-on with images

  • Zero-touch with provisioning packages

Supply chain issues are making computers longer to procure, meaning users are waiting longer for computers (Cision, 2021). The resulting silicon chip shortage is expected to last until at least 2023 (Light Reading, 2021).

IT departments are delaying purchases, delaying refreshes, and/or purchasing more to reserve devices before they need them.

Remote work has increased by 159% over the past 12 years (NorthOne, 2021). New hires and existing users can’t always go into the office to get a new computer.

IT departments are paying vendors to hold onto computers and then drop-ship them directly to the end user. The devices are provisioned using zero touch (e.g. Autopilot, Apple Device Manager, or another tool). Since zero-touch provisioning tools do not support images, teams have had to switch to provisioning packages.

The pandemic saw an increase in spending on virtual desktops

Virtual desktops offered powerful tools for supporting remote devices and personal computers without compromising sensitive data

Virtual Desktops - DaaS

Virtual Desktop Infrastructure in the Data Center

  • Desktop-as-a-Service in the cloud

The pandemic helped cloud-based virtual desktop infrastructure (VDI)

Citrix saw subscription revenue increase 71% year over year in 2020 (Citrix 2020 Annual Report, p. 4). VMware saw subscription and SaaS revenue increase 38% from January 2020 to 2021 – while on-premises licensing revenue decreased by 5% (VMware Annual Report 2021, p. 40).

IT no longer needs to manage the underlying infrastructure

Microsoft and AWS are offering desktops as a service (i.e. cloud-based virtual desktops). IT needs to manage only the device, not the underlying virtual desktop infrastructure. This is in addition to Citrix’s and VMware’s cloud offerings, where IT doesn’t need to manage the underlying infrastructure that supports VDI.

Visit the blueprint Implement Desktop Virtualization and Transition to Everything as a Service to get started.

Work-from-anywhere (WFA) is now the default

COVID-19 forced this shift

Work-From-Anywhere - WFA

Rare

  • Default

Be prepared to support a hybrid workforce, where people are sometimes working remotely and sometimes working in the office.

  • Device provisioning and deployment need to be rethought. In-person deployment is not always possible. IT should evaluate tools such as zero-touch provisioning.
  • Service desks need better monitoring and management tools. End-user experience management (EUEM) can allow you to better identify where network issues are occurring – in your data center, at the user’s house, in the cloud, or somewhere in between. Remote control tools can then allow your tier 1 to remediate issues on the user’s device.
  • Apps and devices need to be usable from anywhere. Environments that rely on desktops and on-premises apps need to be rearchitected for a remote-first workforce.
  • Users are living inside video conferencing tools. With the impact of the COVID-19 pandemic, there are about 145 million daily users of Microsoft Teams, almost twice the number of users in 2020 (MUO, 2021). Ensure they have the training and expertise to effectively use these tools.

“More technical troubleshooting due to users working from home a lot more. It can be more difficult to talk users through fixes when they are off site if you cannot remotely assist so more emphasis on the communication skill which was already important.” (Service Desk Institute, 2021)

Visit the Hybrid Workplace Research Center to better support a hybrid workforce.

BYOD fully includes personal computers

It’s no longer about whether IT will allow BYOD

Stop pretending BYOD doesn’t happen

Personal Devices - BYOD

Limited to email on phones

  • Full capabilities on any device
  • BYOD (including BYOPC) is turned on by default. SaaS tools like Office 365 are built to be used on multiple devices, including multiple computers. Further, the pandemic saw 47% of organizations significantly increase their use of BYOD (Cybersecurity Insiders, 2021; N=271).
  • BYOD can boost productivity. When employees can use smartphones for work, they report that it increases their productivity by 34 percent (Samsung Insights, 2016).
  • BYOD is hard to support, so most organizations don’t. Only 22% of organizations provide full support for mobile devices, while 20% provide no support, 25% provide ad hoc support, and 26% provide limited support (Cybersecurity Insiders, 2021). If smartphones and tablets are heavily ingrained in business processes, then migrating to BYOD can overload the service desk.
  • Securely enable employees. Mobile application management (MAM), mobile content management (MCM), and Office 365 have gotten smarter at protecting corporate data.

Action Item: Identify how IT can provide more support to personally owned computers, tablets, and smartphones.

58% of working Americans say their work devices are “awful to work on." (PCMag, 2021)

But only 22% of organizations provide full support to BYOD. (Cybersecurity Insiders, 2021)

IT must either provide better devices or start fully supporting users on personal PCs.

Build governance practices for low-code development platforms

Managing 1,000 different apps built out on low-code business process management platforms is hard, but it’s not nearly as hard as managing 1,000 unique SaaS apps or access databases

Business-Managed Apps - BMA

Performed by IT

  • Performed by the Business and IT

Pros - Opportunities

  • Offers DIY to users
  • Business can build them quickly
  • IT has central visibility
  • IT can focus on the platform

Cons - Threats

  • Sensitive data can get exposed
  • Users may have issues with continuity and backup
  • Responding to platform changes will be potentially challenging
  • Support may be difficult after the app creator leaves

Action Item: Build a governance framework that describes the roles and responsibilities involved in business-owned apps. Identify the user’s role and end-user computing’s role in supporting low-code apps.

Visit the blueprint Embrace Business-Managed Apps to learn how to build a governance framework for low-code development platforms.

Visit the Low-Code Business Process Management SoftwareReviews category to compare different platforms.

Update your customer service practices

End users expect self-service and help from tier 1

Re-evaluate how you support both corporate-issued and personal-owned computers and mobile devices

Customer Satisfaction - C Sat

Phone calls and transactional interactions

  • Self-serve & managing entire experience

Microsoft’s 2019 “Global State of Customer Service” report shows that people have high expectations:

  • 31% of people expect call agents to have a “deep understanding of the caller’s relationship with the company”
  • 11% expect self-service capabilities

End users have the same expectations of IT, the service desk, and end-user computing teams:

  • Users expect any IT person with whom they are talking to have a deep understanding of their devices, apps, open tickets, and closed tickets.
  • Users expect tier 1 to be able to resolve their incidents and requests without escalating to tier 2 or tier 3 end-user computing specialists.

Most Important Aspects of Customer Service

Resolving issue in one interaction - 35%

Knowledgeable agent - 31%

Finding information myself - 11%

Not repeating information - 20%

(Microsoft, 2019)

Desktop engineering needs to shift left

Revisit what work can only be done by tier 2 and tier 3 teams

Shifting left involves shifting resolution of incidents and service requests down from more costly resources to the first line of support and to end users themselves through self-service options

  • Tier 1 needs up-to-date information on the end users’ devices and open tickets.
  • Users should be able to request apps and download those apps through a self-service portal, a software catalog, or an app store.
  • Tier 1 needs to be empowered to remote wipe devices, see troubleshooting and diagnostics information, and resolve incidents without needing to escalate.

Action Item: Apply shift-left enablement to train tier 1 agents on troubleshooting more incidents and fulfilling more service requests. Build top-notch self-service capabilities for end users.

The image is a graphic titled Shift-Left Strategy. At the top, it lists Auto-Fix; User, Tier 1, Tier 2/3, and Vendor. On the left, it lists Metrics vertically: Cost, Time, Satisfaction. A bar displays how high or low the metric is based on the categories listed at the top.

Work with your service desk on the blueprint Optimize the Service Desk with a Shift-Left Strategy.

Windows 11 is coming

Prepare to make the jump

The sooner you start, the easier the migration will be

  • Begin planning hardware refreshes. Old computers that do not have a TPM 2.0 chip are not currently supported on Windows 11 (“Enable TPM 2.0,” Microsoft, 2021). If you have old computers that will not support the jump to Windows 11– especially given the supply chain disruptions and silicon chip shortages – it is time to consider computer upgrades.
  • The end of Windows 10 is coming. Windows 10’s retirement date is currently October 14, 2025 (“Windows 10 Home and Pro,” Microsoft, 2021). If you want to continue running Windows 10 on older computers beyond that time, you will need to pay for extended support or risk those computers being more easily breached.
  • Begin testing your apps internally. Run Windows 11 within IT and test whether your apps will work on Windows 11.
  • Pilot Windows 11 with IT-friendlies. Find users that are excited for Windows 11 and will not mind a bit of short-term pain.
  • What is your risk appetite? Risk-averse organizations will want to wait until Microsoft, DISA, and/or Center for Internet Security have published security configuration best practices.

Info-Tech’s approach

Master the ever-expanding puzzle of end-user computing

User Group Analysis

Supported Devices and Apps

Fitness for Use

Device Support

The Info-Tech difference:

  1. Balance user choice, risk mitigation, and cost optimization. The right balance will be unique for every organization.
  2. Standardize the nonstandard. Anticipate your users’ needs by having power options and prestigious options ready to offer.
  3. Consider multiple personas when building your standards, training, and migrations. Early Adopters, Late Adopters, VIP Users, Road Warriors, and Hoarders – these five personas will exist in one form or another throughout your user groups.

Modernize and Transform Your End-User Computing Strategy

Focus on the Big Picture

End-User Paradigms Have Shifted

Take end-user computing beyond the device

Operating System - OS

Only Windows

  • More choices than ever before

Endpoint Management System - UEM

Group Policy & Client Management

  • Modern & Unified Endpoint Management

Personal Devices - BYOD

Limited to email on phones

  • Full capabilities on any device

IT Asset Management - ITAM

Hands-on with images

  • Zero-touch with provisioning packages

Virtual Desktops - DaaS

Virtual Desktop Infrastructure in the Data Center

  • Desktop-as-a-Service in the cloud

Business-Managed Apps - BMA

Performed by IT

  • Performed by the Business and IT

Work-From-Anywhere - WFA

Rare

  • Default

Customer Satisfaction - C Sat

Phone calls and transactional interactions

  • Self-serve & managing entire experience

Don't just focus on the device!

Improvements in the service desk, business apps, networks and communication infrastructure, and IT policy have a higher impact on increasing satisfaction.

Impact of End-User Satisfaction of IT by Area Compared to Devices

Devices (x1.0)

IT Policy (x1.09)

Network & Communications Infrastructure (x1.41)

Business Apps (x1.51)

Service Desk (x1.54)

(Info-Tech Research Group, CIO Business Vision, 2021; n=119,409)

Build your strategy with these components...

End-User Group Analysis

  • Work location
  • Information interactions
  • Apps
  • Data and files
  • Business capabilities
  • Current offering
  • Pain points
  • Desired gains

Supported Devices & Apps

  • Primary computing device offerings
  • Power computing device offering
  • Prestigious device offerings
  • Secondary computing device offerings
  • Provisioning models
  • Standard apps
  • Peripherals

Device Support

  • Self-service
  • Service Desk
  • Specialists

Fitness for Use

  • Organizational policies
  • Security policies

Vision

...to answer these questions:

  1. What devices will people have?
  2. How will you support these devices?
  3. How will you govern these devices?

Balance choice, risk, and cost

The right balance will be unique for every organization. Get the balance right by aligning your strategy's goals to senior leadership’s most important priorities.

  • User choice
  • Risk
  • Cost

+ Standardize the non-standard

Have a more prestigious option ready for users, such as VIPs, who want more than the usual offerings. This approach will help you to proactively anticipate your users' needs.

+Consider multiple personas when building your standards, training, and migrations

These five personas will exist in one form or another throughout your user groups.

  • Early Adopters
  • Late Adopters
  • VIP Users
  • Road Warriors
  • Hoarders

Use our approach to answer these questions:

What computers will people have?

Types of computing devices

  • Power desktop
  • Power laptop
  • Desktop
  • Laptop
  • Virtual Desktop
  • Thin Client Device
  • Pro Tablet
  • Tablet
  • Smartphone

Corporate-Issued Approaches

  • Kiosk – Shared, Single Purpose
  • Pooled – Shared, Multipurpose
  • Persistent – Individual
  • Personally Owned

Supported Operating Systems

  • Windows
  • Mac
  • Chrome OS
  • Linux
  • iOS/iPad OS
  • Android

How will you support these devices?

Device Management

  • Manual
  • CMT
  • EMM
  • UEM
  • Pooled Virtual Desktop Manager

Supporting Practices

  • Self-Service
  • Tier 1 Support
  • Specialist Support

How will you govern these devices?

Corporate Policies

  • Personal Use Allowed?
  • Management and Security Policies
  • Personal Device Use Allowed?
  • Supported Apps and Use Cases
  • Who Is Allowed to Purchase?
  • Prohibited Apps and Use Cases
  • Device Entitlement
  • Stipends and/or Reimbursement to Users

Use our blueprint to improve your EUC practices

  1. Devices
    • Corporate-issued devices
    • Standard offerings
  2. User Support
    • Self-service
    • Tier 1 support
  3. Use Cases
    • Providing value
    • Business apps
  4. Policy & Governance
    • Personal device use
    • IT policy
  5. Fitness for Use
    • Securing devices
    • Patching

Info-Tech’s methodology for end-user computing strategy

1. Set the Direction 2. Define the Offering 3. Build the Roadmap
Phase Steps

1.1 Identify Desired Benefits

1.2 Perform a User Group Analysis

1.3 Define the Vision

2.1 Define the Standard Offerings

2.2 Outline Supporting Services

2.3 Define Governance and Policies

3.1 Develop Initiatives
Phase Outcomes

Current-State Assessment

Goals Cascade

User Group Assessment

Vision Statement

Mission Statement

Guiding Principles

Standard Offerings by User Group

Device Management Model

Technical Support Model

Device Entitlement Policy

Acceptable Use Policy

Remote Wipe Policy & Waiver

Personal Device Reimbursement Policy

End-User Migration Journey Map

Strategy and Roadmap

Insight summary

Once users are satisfied with devices, focus on the bigger picture

If end users are dissatisfied with devices, they will also be dissatisfied with IT. But if you don’t also focus on apps and supportability, then giving users better devices will only marginally increase satisfaction with IT.

Bring it back to stakeholder priorities

Before you build your vision statement, make sure it resonates with the business by identifying senior leadership’s priorities and aligning your own goals to them.

Balance choice, risk, and cost

The balance of user choice, risk mitigation, and cost optimization is unique for each company. Get the balance right by aligning your strategy’s goals to senior leadership’s most important priorities.

Communicate early and often with users

Expect users to become anxious when you start targeting their devices. Address this anxiety by bringing them into the conversation early in the planning – they will see that their concerns are being addressed and may even feel a sense of ownership over the strategy.

Standardize the nonstandard

When users such as VIP users want more than the standard offering, have a more prestigious option available. This approach will help you to proactively anticipate your users’ needs.

Consider multiple personas when building your standards, training, and migrations

Early Adopters, Late Adopters, VIP Users, Road Warriors, and Hoarders – these five personas will exist in one form or another throughout your user groups.

Blueprint deliverables

Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

User Group Analysis Workbook

Use these worksheets to guide your analysis.

End-User Computing Ideas Catalog

Compare options for your end-user computing environment.

Standard End-User Entitlements and Offerings

Define your supported offerings and publish this document in your service catalog.

Policy Templates

Use these templates as a starting point for addressing policy gaps.

Key deliverable:

End-User Computing Strategy

Document your strategy using this boardroom-ready template.

Blueprint benefits

IT Benefits

  • Deliver immediate value to end users.
  • Provide the best service based on the user persona.
  • Provide better device coverage.
  • Use fewer tools to manage a less diverse but equally effective array of end-user computing devices.
  • Provide more managed devices that will help to limit risk.
  • Have better visibility into the end-user computing devices and apps.

Business Benefits

  • Conduct corporate business under one broad strategy.
  • Provide support to IT for specific applications and devices.
  • Take advantage of more scalable economies for providing more advantageous technologies.
  • Experience less friction between end users and the business and higher end-user satisfaction.

Measure the value of this blueprint

Your end-user computing strategy is an investment

Track the returns on your investment, even if those returns are soft benefits and not cost reductions

User Satisfaction

  • Satisfaction with device
  • Satisfaction with business apps
  • Satisfaction with service desk timeliness
  • Satisfaction with service desk effectiveness
  • Satisfaction with IT Employee engagement

Total Cost

  • Spend on each type of device
  • Cost of licenses for management tools, operating systems, and apps
  • Cost of support agreements # of support tickets per device per employee
  • Time spent supporting devices per tier or support team
  • Time spent per OS/app release

Risk Mitigation

  • # of devices that are end-of-life
  • % of devices in compliance
  • # of unmanaged devices
  • # of devices that have not checked in to management tool

Info-Tech offers various levels of support to best suit your needs

DIY Toolkit

"Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

Guided Implementation

"Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

Workshop

"We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

Consulting

"Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

Diagnostics and consistent frameworks are used throughout all four options.

Guided Implementation

What does a typical GI on this topic look like?

A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

A typical GI is 8 to 10 calls over the course of 4 to 6 months.

Phase 1: Set the Direction

  • Call #1: Review trends in end-user computing and discuss your current state.
  • Call #2: Perform a user group analysis.
  • Call #3: Identify desired benefits and map to stakeholder drivers.

Phase 2: Define the Offering

  • Call #4: Define standard offerings.
  • Call #5: Select provisioning models.
  • Call #6: Outline supporting services and opportunities to shift end-user computing support left.
  • Call #7: Identify gaps in governance and policies.

Phase 3: Build the Roadmap

  • Call #8: Develop initiatives.
  • Call #9: Plan migration and build roadmap.

EUC Strategy Workshop Overview

Contact your account representative for more information.

workshops@infotech.com 1-888-670-8889

Day 1 Day 2 Day 3 Day 4 Day 5
Set the Direction Define the Offering Support the Offering Bridge the Gap and Create the Roadmap Next Steps and Wrap-Up (offsite)
Activities

1.1 Identify desired benefits.

1.1.1 Assess the current state of end-user computing.

1.1.2 Perform a SWOT analysis.

1.1.3 Map benefits to stakeholder drivers and priorities.

1.2 Analyze user groups.

1.2.1 Identify user groups.

1.2.2 Identify supporting technology.

1.2.3 Record use cases.

1.2.4 Identify opportunities to provide value.

1.3 Define the vision.

1.3.1 Prioritize benefits.

1.3.2 Craft a vision and mission statement.

1.3.3 Identify goals.

1.3.4 Define guiding principles for your strategy.

2.1 Define the standard offerings.

2.1.1 Select a provisioning model for each persona.

2.1.2 Define the standard device offerings.

2.1.3 Document each personas’ entitlements.

2.2 Outline supporting practices.

2.2.1 Define device management tools and approach.

2.2.2 Identify groups involved in supporting practices.

2.2.4 Identify opportunities to improve customer service.

2.3 Define policies. 2.3.1 Define acceptable use. 2.3.2 Define BYOD policies. 2.3.3 Define procurement and entitlement policies. 2.3.4 Define security policies.

3.1 Develop initiatives.

3.1.1 Identify the gaps in devices, user support, use cases, policy & governance, and fitness for use.

3.1.2 Plan the deployment and user migration journey.

3.1.3 Document initiatives in the roadmap .

5.1 Complete in-progress deliverables from previous four days.

5.2 Set up time to review workshop deliverables and discuss next steps

Deliverables
  1. SWOT analysis of current state
  2. Goals cascade
  3. Persona analysis
  1. Vision statement, mission statement, and guiding principles
  2. Goals and indicators
  3. End-user device entitlements standard
  1. List of management tools for end-user computing
  2. Roles and responsibilities for maintaining the end-user computing environment
  3. Opportunities to improve customer service
  4. End-user computing policy templates
  1. Initiatives mapped to practice areas
  2. User’s migration journey map
  1. End-user computing strategy template
  2. End-user computing roadmap

Phase 1

Set the Direction

Set the Direction

1.1 Identify Desired Benefits

1.2 Perform a User Group Analysis

1.3 Define the Vision

Define the Offering

2.1 Define the Standard Offerings

2.2 Outline Supporting Services

2.3 Define Governance and Policies

Build the Roadmap

3.1 Develop Initiatives

This phase will walk you through the following activities:

  • Current-state analysis
  • Goals cascade
  • Persona analysis

This phase involves the following participants:

  • End-User Computing Team
  • IT Leadership

Set a direction that will create value for IT, stakeholders, and end users

Use your insights to build your strategy

Start by downloading Info-Tech’s End-User Computing Strategy Template

  1. Perform a stop-start-continue exercise for how IT supports end-user devices.
  2. Perform a goals cascade to identify how the end-user computing strategy can align with and support senior leaders’ priorities and strategic objectives.
  3. Perform a user group analysis to identify what IT can do to provide additional value to end users.
  4. Use the results to define a vision for your end-user computing strategy and in-scope benefits.

Download the End-User Computing Strategy Template.

Step 1.1

Identify Desired Benefits

Activities

1.1.1 Assess the current state of end-user computing

1.1.2 Perform a SWOT analysis

1.1.3 Map benefits to stakeholder drivers and priorities

Optional: Identify current total cost of ownership

This step requires the following inputs:

  • Current approach for end-user computing
  • List of strengths and weaknesses of the current approach

This step involves the following participants:

  • CIO
  • End-User Computing Team
  • IT Leadership
  • End-User Computing Manager

Outcomes of this step

  • Defined success metrics that are tied to business value
  • Vision statement, mission statement, and guiding principles

Review your current state for each end-user computing practice

  1. Devices
    • Corporate-issued devices
    • Standard offerings
  2. User Support
    • Self-service
    • Tier 1 support
  3. Use Cases
    • Providing value
    • Business apps
  4. Policy & Governance
    • Personal device use
    • IT policy
  5. Fitness for Use
    • Securing devices
    • Patching

1.1.1 Assess the current state of end-user computing

Discuss IT’s strengths and challenges

Review your success in responding to the trends highlighted in the executive brief.

  • Start by reviewing the trends in the executive brief. Identify which trends you would like to focus on.
  • Review the domains below. Discuss:
    • Your current approach
    • Strengths about this approach
    • Challenges faced with this approach
  • Document the results in the “Current-State Assessment” section of your End-User Computing Strategy.
  1. Devices
    • Corporate-issued devices
    • Standard offerings
  2. User Support
    • Self-service
    • Tier 1 support
  3. Use Cases
    • Providing value
    • Business apps
  4. Policy & Governance
    • Personal device use
    • IT policy
  5. Fitness for Use
    • Securing devices
    • Patching

Download the End-User Computing Strategy Template.

Consider these aspects of end-user computing in your assessment

Devices: As shown in the executive brief, devices are necessary for satisfaction in IT. In your current-state assessment, outline the principal means by which users are provided with a desktop and computing.

  • Corporate-issued devices: Document the types of devices (e.g. laptops, desktops, smartphones) and operating systems that IT currently supports.
    • Strengths: Highlight user satisfaction with your current offerings by referencing recent relationship surveys.
    • Challenges: Document corporate-issued devices where stakeholders and users are not satisfied, platforms that stakeholders would like IT to support, etc.
  • Standard offerings: Name the high-level categories of devices that you offer to end users (e.g. standard device, power device).
    • Strengths: Outline steps that IT has taken to improve the portfolio of standard offerings and to communicate the offerings.
    • Challenges: Identify areas to improve the standard offerings.

User support: Examine how the end-user computing team enables a high-quality customer service experience. Especially consider self-service and tier 1 support.

  • Self-service: Describe the current state of your self-service capabilities (e.g. name of the self-service portal, number of apps in the app store).
    • Strengths: Outline successes with your self-service capabilities (e.g. use of self-service tools, recently deployed tools, newly supported platforms).
    • Challenges: Identify gaps in self-service capabilities.
  • Tier 1 support: Document the number of end-user computing incidents and service requests that are resolved at tier 1 as well as the number of incidents and service requests that are resolvable without escalation.
    • Strengths: Identify technologies that make first contact resolution possible. Outline other items that support tier 1 resolution of end-user computing tickets, such as knowledgebase articles and training programs.
    • Challenges: Document areas in which tier 1 resolution of end-user computing tickets is not feasible.

Considerations (cont’d.)

Use cases: Reflect on how IT and end-user computing supports users’ most important use cases. Consider these aspects:

  • Providing value: Identify the number of user groups for which you have completed a user group analysis. Outline your major approaches for capturing feedback, such as relationship surveys.
    • Strengths: Document any successful initiatives around stakeholder relationships and requirements gathering. You can also highlight successful metrics, such as high satisfaction scores from a team, department, or division.
    • Challenges: Identify where there are dissatisfied stakeholders and gaps in product offerings and where additional work around value generation is required.
  • Business apps: Outline your major business apps and your approach to improvement for these apps. If you need assistance gathering feedback from end users and stakeholders, you can use Info-Tech’s Application Portfolio Assessment.
    • Strengths: Show the EUC team’s successes in supporting critical business apps (e.g. facilitating user acceptance testing, deploying via endpoint management tool).
    • Challenges: Name business apps that are not meeting stakeholder needs. Consider if end users are dissatisfied with an app, if IT is unable to adequately monitor and support a business app, etc.

Policy and governance: Document the current state of policies governing the use of end-user computing devices, both corporate-issued and personally owned. Review Step 2.3 for a list of policy questions to address and for links to policy templates.

  • Personal device use: Explain which users are allowed to use personally owned devices, what use cases are supported, and which types of devices are supported. Also, highlight explicit prohibitions.
    • Strengths: Highlight major accomplishments with BYOD, utilization metrics, etc. Consider including any platforms or apps that support BYOD (e.g. Microsoft Office 365).
    • Challenges: Identify where there are gaps in your support for personal devices. Examples can include insufficient management tools, lack of feedback from end users on BYOD support, undefined policies and governance, and inadequate support for personal devices.

Considerations (cont’d.)

IT policies: List your current policy documents. Include policies that relate to end-user computing, such as security policy documents; acceptable use policy documents; purchasing policies; documents governing entitlements to computers, tablets, smartphones, and prestigious devices; and employee monitoring policy documents.

  • Strengths: Outline the effectiveness of these policies, user compliance to these policies, and your success in enforcing these policies.
  • Challenges: Identify where you have gaps in user compliance, gaps in enforcing policies, many exceptions to a policy, etc.

Fitness for use: Reflect on your ability to secure users, enterprise data, and computers. Document your current capabilities to ensure devices are adequately secured and risks adequately mitigated.

  • Securing devices: Describe your current approach to implementing security baselines, protecting data, and ensuring compliance.
    • Strengths: Highlight your accomplishments with ensuring devices meet your security standards and are adequately managed.
    • Challenges: Identify areas that are not adequately protected, where IT does not have enough visibility, and devices on which IT cannot enforce security standards.
  • Patching: Describe your current approach to distributing OS patches, distributing app patches, and ensuring patch compliance.
    • Strengths: Outline steps that IT has taken to improve release and deployment practices (e.g. user acceptance testing, deployment rings).
    • Challenges: When is IT unable to push a patch to a device? Outline when devices cannot receive a patch, when IT is unable to ensure patches are installed, and when patches are disruptive to end users.

1.1.2 Perform a SWOT analysis

Summarize your current-state analysis

To build a good strategy, you need to clearly understand the challenges you face and opportunities you can leverage.

  • Summarize IT’s strengths. These are positive aspects internal to IT.
  • Summarize IT’s challenge. What internal IT weakness should the strategy address?
  • Identify high-level opportunities. Summarize positive factors that are external to IT (e.g. within the larger organization, strong vendor relationships).
  • Document threats. What external factors present a risk to the strategy?

Record your SWOT analysis in the “Current-State Assessment” section of your End-User Computing Strategy Template.

Download the End-User Computing Strategy Template.

1.1.3 Map benefits to stakeholder drivers and priorities

Use a goals cascade to identify benefits that will resonate with the business

Identify how end-user computing will support larger organizational strategies, drivers, and priorities

  1. Identify stakeholders. Focus on senior leaders – user groups will be addressed in Step 1.2.
  2. For each stakeholder, identify three to five drivers or strategic priorities. Use the drivers as a starting point to:
    1. Increase productivity
    2. Mitigate risks
    3. Optimize costs
  3. Map the benefits you brainstormed in Step 1.1 to the drivers. It’s okay to have benefits map to multiple drivers.
  4. Re-evaluate benefits that don’t map to any drivers. Consider removing them.
Stakeholder Drivers and Strategic Priorities End-User Computing Benefits
CEO Ensure service continuity with remote work
  • Customers can still be served by remote workers
Respond to COVID-19 changes with agility
  • Workers can transition seamlessly between working remotely and working in the office
Reduce unnecessary costs
  • Standardize computer models to reduce spend on devices
COO Business continuity: being able to work from home
  • Workers can transition seamlessly between working remotely and working in the office

Record this table on the “Goals Cascade” slide in the “Vision and Desired Benefits” section of your End-User Computing Strategy Template.

Use the CEO-CIO Alignment Program to identify which business benefits are most important.

Sample end-user computing benefits

Business Goals End-User Computing Benefits
Manage risk Controls are effectively enforced on remote devices Sensitive data is secured Devices and data are accounted for
Ensure service continuity Business processes can still function with remote personnel Customers can still be served by remote workers Personnel can be productive from anywhere IT practices can still operate remotely
Comply with external regulation Improved ability to demonstrate compliance
Respond to change with agility Personnel can be productive from anywhere More business processes can be performed remotely
Improve operational efficiency More efficient sales practices More efficient customer service practices Increased number of digitized business processes Increased use of IT and HR self-service tools
Offer competitive products and services Increased customer satisfaction with online services Number of piloted new products
Manage people Increased employee productivity Increased employee engagement Increased talent attraction Increased workforce retention
Make data-driven decisions Increased workforce retention Improved understanding of customers Access to accurate data on services and spending Improved IT cost forecasting
Improve customer experience Increased customer satisfaction with online services Ability to scale up capacity to meet increased demand Customers can still be served by remote workers Improved customer self-service options
Maximize stakeholder value Transition to OpEx spend and reduce CapEx investments Access to accurate data on services and spending Improved IT cost forecasting

Optional: Identify current total cost of ownership

Be mindful of hidden costs, such as those associated with supporting multiple devices and maintaining a small fleet of corporate devices to ensure business continuity with BYOD.

  • Use the Hardware Asset Management Budgeting Tool to forecast spend on devices (and infrastructure) based on project needs and devices nearing end of life.
  • Use the Mobile Strategy TCO Calculator to estimate the total cost of all the different aspects of your mobile strategy, including:
    • Training
    • Management platforms
    • Custom app development
    • Travel and roaming
    • Stipends and taxes
    • Support
  • Revisit these calculators in Phase 2. Use the TCO calculator when considering different approaches to mobility and end-user computing.

Insert the results into your End-User Computing Strategy Template.

Download the HAM Budgeting Tool.

Download the Mobile Strategy TCO Calculator.

Step 1.2

Perform a User Group Analysis

Activities

1.2.1 Organize roles based on how they work

1.2.2 Organize users into groups

1.2.3 Document the current offerings

1.2.4 Brainstorm pain points and desired gains for each user group

This step requires the following inputs:

  • List of roles and technologies
  • User feedback
  • List of personas

This step involves the following participants:

  • End-User Computing Team
  • IT Leadership
  • End-User Computing Manager

Outcomes of this step

  • List of user groups and use cases for each group
  • List of current offerings for each user group
  • Value analysis for each user group

Gather the information you need

Use the Application Portfolio Assessment to run a relationship survey.

Dive deeper with the blueprint Improve Requirements Gathering.

List of Roles and Technology

Organization chart: Consult with HR or department leaders to provide a list of the different roles that exist in each department.

Identity access management tools: You can consult tools like Active Directory, but only if the data is clean.

Apps and devices used: Run a report from your endpoint management tool to see what devices and apps are used by one another. Supplement this report with a report from a network management tool to identify software as a service that are in use and/or consult with department leaders.

User Feedback

Relationship surveys: Tools like the End-User Application Satisfaction Diagnostic allow you to assess overall satisfaction with IT.

Focus groups and interviews: Gather unstructured feedback from users about their apps and devices.

User shadowing: Observe people as they use technology to identify improvement opportunities (e.g. shadow meetings, review video call recordings).

Ticket data: Identify apps or systems that users submit the most incidents about as well as high-volume requests that could be automated.

1.2.1 Organize roles based on how they work

Start by organizing roles into categories based on where they work and how they interact with information.

  1. Define categories of where people work. Examples include:
    1. In office, at home, at client sites
    2. Stationary, sometimes mobile, always mobile
    3. Always in same location, sometimes in different locations, always in different locations within a site, mobile between sites
  2. Define categories of how people interact with information. Examples include:
    1. Reads information, reads and writes information, creates information
    2. Cases, projects, relationships
  3. Build a matrix. Use the location categories on one axis and the interaction categories on the other axis.
  4. Place unique job roles on the matrix. Review each functional group’s organizational chart. It is okay if you don’t fill every spot. See the diagram on this page for an example.
Always Works in the Same Location Sometimes Works in Different Locations Always Works in Different Locations
Predominantly Reads Information
  • Janitor
  • Receptionist
  • Receiving
  • Accounts Payable Clerk
Reads and Writes Information
  • Sales Rep
  • Sales Manager
  • Director of Sales
  • Developer
  • Scrum Master
  • Customer Service Agent
  • CS Manager
  • Call Center Director
  • Accountant
  • Controller
  • HR Specialist
  • Business Analyst
  • VP, Sales
  • Product Manager
  • Project Manager
  • Director of Engineering
  • VP, HR
  • CFO
  • Director of PMO
  • Field Sales Rep
  • CEO
  • CIO
  • COO
Predominantly Creates Information
  • External Consultants
  • Design
  • Marketing
  • Copywriting

1.2.2 Organize users into groups

Populate a user group worksheet for each in-scope group.

  1. Within each quadrant, group similar roles together into “User Groups.” Consider similarities such as:
    1. Applications they use
    2. Data and files with which they interact
    3. Business capabilities they support
  2. Document their high-level profile:
    1. Where they work
    2. Sensitivity of data they access
    3. Current device and app entitlements
  3. Document the resulting user groups. Record each user group on a separate worksheet in the User Group Analysis Workbook.

Download the User Group Analysis Workbook.

1.2.3 Document the current offerings

For each user group, document:

  • Primary and secondary computing devices: Their most frequently used computing devices.
  • Acceptable use: Whether corporate-issued devices are personally enabled.
  • BYOD: Whether this persona is authorized to use their personal devices.
  • Standard equipment provided: Equipment that is offered to everyone in this persona.
  • Additional devices and equipment offered: Equipment that is offered to a subset of this user group. These items can include more prestigious computers, additional monitors, and office equipment for users allowed to work remotely. This category can include items that require approval from budget owners.
  • Top apps: What apps are most commonly used by this user group? What common nonstandard apps are used by this user group?

Standardize the nonstandard

When users such as VIP users want more than the standard offering, have a more prestigious option available. This approach will help you to proactively anticipate your users’ needs.

1.2.4 Brainstorm pain points and desired gains for each user group

Don’t focus only on their experiences with technology

Reference the common personas listed on the next page to help you brainstorm additional pain points and desired gains.

  1. Brainstorm pain points. Answer these questions for each role:
    1. What do people find tedious about their day-to-day jobs?
    2. What takes the most effort for them to do?
    3. What about their current toolset makes this user frustrated?
    4. What makes working difficult? Consider their experiences working from a home office, attending meetings virtually or in person, and working in the office.
    5. What challenges does that role have with each process?
  2. Brainstorm desired gains from their technology. Answer these questions for each role:
    1. For your end-user computing vision to become a reality for this persona, what outcomes or benefits are required?
    2. What benefits will this persona expect an end-user computing strategy to have?
    3. What improvements does this role desire?
    4. What unexpected benefits or outcomes would surprise this role?
    5. What would make this role’s day-to-day easier?
    6. What location-specific benefits are there (e.g. outcomes specific to working in the office or at home)?

Record each user group’s pain points and desired gains on their respective worksheet.

For additional questions you can ask, visit this Strategyzer blog post by Alexander Osterwalder.

Info-Tech Insight

Identify out-of-scope benefits?

If that desired gain is required for the vision to be achieved for a specific role, you have two options:

  • Bring the benefit in scope. Ensure your metrics are updated.
  • Bring this user group out of scope. End-user computing improvements will not be valuable to this role without that benefit.

Forcing a user group to use an unsatisfactory tool will severely undermine your chance of success, especially in the project’s early stages.

Consider these common personas when brainstorming challenges and desired gains

What unique challenges will these personas face within each of your user groups? What improvements would each of these personas expect out of an end-user computing strategy?

Early Adopters

  • Like trying new ways of working and using the latest technology.
  • Very comfortable solving their own issues.
  • Enjoy exploring and creating new ways of handling challenges.

Late Adopters

  • Prefer consistent ways of working, be it tech or business processes.
  • React to tech issues with anxiety and need assistance to get issues fixed.

VIP

  • Has a prestigious job and would like to use technology that communicates their status.
  • Does not like to resolve their own issues.

Road Warriors

  • Always on the go, running between work meetings and appointments.
  • Value flexibility and want devices, apps, and tech support that can be used anywhere at any time.

Hoarders

  • Want to keep all their devices, data, and apps.
  • Will stall when they need to migrate devices or uninstall apps and become unresponsive any time there is a risk of losing something.

Step 1.3

Define the Vision

Activities

1.3.1 Prioritize which benefits you want to achieve

1.3.2 Identify how you will track performance

1.3.3 Craft a vision statement that demonstrates what you’re trying to create

1.3.4 Craft a mission statement for your end-user computing team

1.3.5 Define guiding principles

This step requires the following inputs:

  • Goals cascade
  • List of benefits
  • List of critical success factors (CSFs)

This step involves the following participants:

  • End-User Computing Manager
  • CIO
  • Help Desk Manager
  • Infrastructure Manager

Outcomes of this step

  • End-User computing KPIs and metrics
  • Vision statement
  • Mission statement

1.3.1 Prioritize which benefits you want to achieve

Use the MoSCoW sorting technique

Select benefits that appear multiple times in the goals cascade from Activity 1.1.3 as well as your challenges from your current-state assessment.

  1. Record which benefits are “Must Haves.” Select benefits that are most important to your highest-priority stakeholders.
  2. Record which benefits are “Should Haves.” These benefits are important but not critical.
  3. Record which benefits are “Could Haves.” These are low-priority benefits.
  4. Record the remaining benefits under “Won’t Have.” These benefits are out-of-scope but can be revisited in the future.

Record the output in your End-User Computing Strategy Template under “Benefit Prioritization” in the “Vision and Desired Benefits” section.

Sample output:

Must Have Should Have Could Have Won't Have
  • Customers can still be served by remote workers.
  • Easier to work in multiple locations.
  • More options for provisioning computers to new workers.
  • Improved patching and security compliance checking of remote devices.
  • Self-service app installs on Windows.
  • More consistent experience across all devices and platforms, including BYOD.
  • Improved visibility into and manageability of BYOD.
  • Ability for users to create their own low-code apps (e.g. in Microsoft Power Apps).
  • Improved guidelines for running hybrid/remote meetings.
  • BYOD support for workers handling sensitive data.
  • Support for any type of Android smartphone or tablet.

1.3.2 Identify how you will track performance

  1. List each unique high-priority benefit from Activity 1.3.1 as a critical success factor (CSF).
  2. For each CSF, identify key performance indicators (KPIs) that you can use to track how well you’re progressing on the CSF.
    1. Articulate that KPI as a SMART goal (specific, measurable, achievable, realistic, and timebound).
  3. For each KPI, identify the metrics you will use to calculate it.
  4. Identify how and when you will:
    1. Capture the current state of these metrics.
    2. Update changes to the metrics.
    3. Re-evaluate the CSFs.
    4. Communicate the progress to the project team and to stakeholders.

Record this information in your End-User Computing Strategy Template.

Sample output:

Critical Success Factor Key Performance Indicator Metrics
Improve remote worker productivity Increase employee engagement by 10% in two years
  • McLean Employee Engagement Score
  • Gallup Q Score
Integrate relevant information sources into one spot for sales Integrate three information sources that will be useful to sales in one year
  • # of sales-specific apps integrated into a dashboard, portal, or workspace
  • Sales satisfaction scores
Reduce real-estate costs Reduce office space by 50% in two cities over three years
  • $ spent on office leases
Securely deliver all apps, information, and data to any device, anywhere, at any time Build the apps and information sources into a digital workspace for three business processes over one year
  • # of business processes supported in the workspace

1.3.3 Craft a vision statement that demonstrates what you’re trying to create

The vision statement communicates a desired future state of the IT organization. The statement is expressed in the present tense. It seeks to articulate the desired role of IT and how IT will be perceived.

Strong IT vision statements have the following characteristics:

  • Describes a desired future
  • Focuses on ends, not means
  • Communicates promise
  • Is:
    • Concise; no unnecessary words
    • Compelling
    • Achievable
    • Inspirational
    • Memorable

Sample IT Vision Statements:

  • To support an exceptional employee experience by providing best-in-class end-user devices.
  • Securely enable access to corporate apps and data from anywhere, at any time, on any device.
  • Enable business and digital transformation through secure and powerful virtualization technology.
  • IT is a cohesive, proactive, and disciplined team that delivers innovative technology solutions while demonstrating a strong customer-oriented mindset.

1.3.4 Craft a mission statement for your end-user computing team

The IT mission statement specifies the function’s purpose or reason for being. The mission should guide each day’s activities and decisions. The mission statement should use simple and concise terminology and speak loudly and clearly, generating enthusiasm for the organization.

Strong IT mission statements have the following characteristics:

  • Articulate the IT function’s purpose and reason for existence
  • Describe what the IT function does to achieve its vision
  • Define the customers of the IT function
  • Can be described as:
    • Compelling
    • Easy to grasp
    • Sharply focused
    • Inspirational
    • Memorable
    • Concise

Sample IT Mission Statements:

  • To provide infrastructure, support, and innovation in the delivery of secure, enterprise-grade information technology products and services that enable and empower the workforce at [Company Name].
  • To help fulfill organizational goals, the IT department is committed to empowering business stakeholders with technology and services that facilitate effective processes, collaboration, and communication.
  • The mission of the information technology (IT) department is to build a solid, comprehensive technology infrastructure; to maintain an efficient, effective operations environment; and to deliver high-quality, timely services that support the business goals and objectives of [Company Name].
  • The IT group is customer-centered and driven by its commitment to management and staff. It oversees services in computing, telecommunications, networking, administrative computing, and technology training.

1.3.5 Define guiding principles

Select principles that align with your stakeholders’ goals and objectives

Use these examples as a starting point:

IT Principle Name IT Principle Statement
1. Enterprise value focus We aim to provide maximum long-term benefits to the enterprise as a whole while optimizing total costs of ownership and risks.
2. Fit for purpose We maintain capability levels and create solutions that are fit for purpose without over-engineering them.
3. Simplicity We choose the simplest solutions and aim to reduce operational complexity of the enterprise.
4. Reuse > buy > build We maximize reuse of existing assets. If we can’t reuse, we procure externally. As a last resort, we build custom solutions.
5. Managed data We handle data creation, modification, and use enterprise-wide in compliance with our data governance policy.
6. Controlled technical diversity We control the variety of technology platforms we use.
7. Managed security We manage, support, and assist in the implementation of security enterprise-wide in collaboration with our security governance team.
8. Compliance to laws and regulations We operate in compliance with all applicable laws and regulations.
9. Innovation We seek innovative ways to use technology for business advantage.
10. Customer centricity We deliver best experiences to our end users by aligning to customer service best practices.

Phase 2

Define the Offering

Set the Direction

1.1 Identify Desired Benefits

1.2 Perform a User Group Analysis

1.3 Define the Vision

Define the Offering

2.1 Define the Standard Offerings

2.2 Outline Supporting Services

2.3 Define Governance and Policies

Build the Roadmap

3.1 Develop Initiatives

This phase will walk you through the following activities:

  • Defining standard device entitlements and provisioning models for end-user devices and equipment
  • Shifting end-user computing support left
  • Identifying policy gaps

This phase involves the following participants:

  • End-User Computing Team
  • IT Leadership

Step 2.1

Define the Standard Offerings

Activities

2.1.1 Identify the provisioning models for each user group

2.1.2 Define the standard device offerings

2.1.3 Document each user group’s entitlements

This step requires the following inputs:

  • Standard End-User Entitlements and Offerings Template
  • List of persona groups
  • Primary computing devices
  • Secondary computing devices
  • Supporting operating systems
  • Applications and office equipment

This step involves the following participants:

  • End-User Computing Manager
  • CIO
  • Help Desk Manager
  • Infrastructure Manager

Outcomes of this step

  • End-user device entitlements and offerings standard

This step will walk you through defining standard offerings

You will define the base offering for all users in each user group as well as additional items that users can request (but that require additional approvals).

  1. Primary Computing Device
    • The main device used by a worker to complete their job (e.g. laptop for knowledge workers, kiosk or shared tablet for frontline workers).
  2. Secondary Computing Devices
    • Additional devices that supports a worker (e.g. a smartphone, tablet, personal computer).
  3. Provisioning Models
    • Whether the equipment is corporate-issued versus personally owned and whether personal use of corporate resources is allowed.
  4. Apps
    • The software used by the worker. Apps can be locally installed, cloud-based (e.g. SaaS), and/or virtualized and running remotely.
  5. Peripherals
    • Additional equipment provisioned to the end user (e.g. monitors, docking station, mice, keyboards).

There is always a challenge of determining who gets what and when

The goal is balancing cost, risk, and employee engagement

The right balance will be different for every organization

  • IT can’t always say no to new ideas from the business. For example, if the organization wants to adopt Macs, rather than resisting IT should focus on identifying how Macs can be safely implemented.
  • Smartphones may not be necessary for a job, but they can be a valid employee perk. Not every employee may be entitled to the perk. There may be resentment between employees of the same level if one of the employees has a corporate-issued, business-only phone for their job function.
  • The same laptop model may not work for everyone. Some employees may need more powerful computers. Some employees may want more prestigious devices. Other employees may require a suite of apps that is only available on non-Windows operating systems.

Action Item: Provide a defined set of standard options to the business to proactively address different needs.

A good end-user computing strategy will effectively balance:

  • User Choice
  • Risk
  • Cost

Your standard offerings need to strike the right balance for your organization.

Review the End-User Computing Ideas Catalog

Compare pros and cons of computing devices and operating systems for better decision making

The catalog provides information about choices in:

  • Provisioning models
  • Operating systems
  • Device form factors

Review the catalog to learn about items that can help your organization to achieve the desired vision from Phase 1.

As you review the catalog, think about these questions:

  • What primary and secondary devices can you provide?
  • What operating systems do these devices support?
  • What are the provisioning models you will use, considering each model’s weaknesses and strengths?
  • How can you more effectively balance user choice, risk, and cost?

Download the End-User Computing Ideas Catalog.

2.1.1 Identify the provisioning models for each user group

  1. Review the definitions in the End-User Computing Ideas Catalog.
  2. Build a table. List the major user groups along the top of the table and applications down the rows.
  3. Brainstorm provisioning models that will be used for primary and secondary devices for each persona group.
  4. Record your provisioning models in the Standard End-User Entitlements and Offerings Template.

Download the End-User Computing Ideas Catalog.

Download the Standard End-User Entitlements and Offerings Template.

Persona Primary Computing Device Secondary Laptops or Computers Smartphone Tablet
Sales COPE BYOD BYOD BYOD
Field Sales CYOD BYOD COBO COBO
Customer Service COBO None None None
Knowledge Worker COPE BYOD BYOD BYOD
App Dev CYOPED None CYOD CYOD
VIP CYOPED CYOPED CYOPE BYOD

Identify multiple device options

Offer standard, power, and prestigious offerings

Prioritize offering models and align them with your user groups.

  • Standard device: This offering will work for most end users.
  • Power device: This offering will provide additional RAM, processor speed, storage, etc., for users that require it. It is usually offered as an additional option that requires approval.
  • Prestigious device: This offering will be provided to VIP users.
  • Portable device: This offering is for employees within a user group that moves around more often than others. This type of offering is optional – consider having a separate user group for these users that get a more portable laptop as their standard device.

Standardize the nonstandard

When users such as VIP users want more than the standard offering, have a more prestigious option ready to offer. This approach will help you to proactively anticipate your users’ needs.

Who approves?

Generally, if it is a supported device, then the budget owner determines whether to allow the user to receive a more powerful or more prestigious device.

This decision can be based on factors such as:

  • Business need – does the user need the device to do their job?
  • Perk or benefit – is the device being offered to the end user as a means of increasing their engagement?

If IT gets this answer wrong, then it can result in shadow IT

Document your answer in the Device Entitlement Policy Template.

2.1.2 Define the standard device offerings

Consider all devices and their supporting operating systems.

  1. On a flip chart or whiteboard, build a matrix of the supported form factors and operating systems.
  2. For each cell, document the supported vendor and device model.
  3. Identify where you will provide additional options.
Windows Mac OS iOS Android
Laptops Lenovo T15 Gen 2 MacBook Pro 14” N/A N/A
Power Laptops Lenovo ThinkPad X1 Carbon MacBook Pro 16” N/A N/A
Prestigious Laptops Lenovo ThinkPad X1 Yoga Gen 6 MacBook Pro 16” N/A N/A
Tablets Microsoft Surface N/A iPad Pro Samsung Galaxy Tab
Smartphones N/A N/A iPhone 13 Samsung Galaxy S21

2.1.3 Document each user groups’ entitlements

Not every persona needs to be entitled to every supported option

Use the Standard End-User Entitlements and Offerings Template as a starting point.

  • Create a separate section in the document for each persona. Start by documenting the provisioning models for each type of device.
  • Record the standard offering provided to members of each persona as well as additional items that can be provided with approval. Record this information for:
    • Primary computing devices
    • Secondary computing devices
  • Optional: Document additional items that will be provided to members of each persona as well as additional items they can request, such as:
    • Apps
    • Office equipment

Download the Standard End-User Entitlements and Offerings Template.

Step 2.2

Outline Supporting Services

Activities

2.2.1 Review device management tools and capabilities

2.2.2 Identify common incidents and requests for devices

2.2.3 Record how you want to shift resolution

2.2.4 Define which IT groups are involved in supporting practices

Define the Offering

This step requires the following inputs:

  • Standard End-User Entitlements and Offerings Template
  • List of supporting devices
  • Common incidents and requests
  • List of supporting practices

This step involves the following participants:

  • End-User Computing Manager
  • CIO
  • Help Desk Manager
  • Infrastructure Manager

Outcomes of this step

  • List of IT groups who are involved in supporting devices
  • Responsibilities of each group for requests and incidents

2.2.1 Review device management tools and capabilities

Document the tools that you use to manage each OS and identify gaps

If there are different approaches to managing the same OS (e.g. Windows devices that are co-managed versus Windows devices that are only managed by Intune), then list those approaches on separate rows.

Provision Protect from loss/theft Deploy/update apps Backup & protect Protect from injections Complies with policies Track Decommission
Windows 10 & 11 (co-managed) Autopilot Gap ConfigMgr Gap Windows Security ConfigMgr ConfigMgr Intune Intune and Autopilot
Windows 10 & 11 (Intune) Autopilot Intune (remote wipe) Intune OneDrive for Business Windows Security Microsoft Advanced Threat Protection Intune Intune and Autopilot
Mac OS Jamf Pro Intune (remote wipe) Jamf Pro OneDrive for Business Gap Jamf Pro Intune Jamf Pro

Document the results on the “IT Management Tools” slide in the “IT Support” section of your End-User Computing Strategy Template.

2.2.2 Identify common incidents and requests for devices

Analyze your service desk ticket data. Look for the following information:

  • The most common incidents and service requests around end-user devices and business apps
  • Incident categories and service requests that almost always involve escalations

Record the level at which these tickets can be resolved today. Ensure you include these groups:

  • Tier 0 (i.e. end-user self-service)
  • Tier 1 (i.e. user’s first point of contact at the service desk)
  • Desk-side support and field-support groups
  • End-user computing specialist teams (e.g. desktop engineering, mobile device management teams)
  • Other specialist teams (e.g. security, enterprise applications, DevOps)

Record the desired state. For each incident and request, to where do you want to shift resolution?

Record this chart on the “Current State of IT Support” slide in the “IT Support” section of your End-User Computing Strategy Template.

Most Common Incidents & Requests Self-Service Service Desk Tier 1 Desk-Side or Field Support End-User Computing
Connect/fix a printer X
Web conferencing issue X
Bluetooth issues X
Outlook issues X
Install standard app X
Install app requiring approval X
Install nonstandard app X
Enroll personal iOS/Android device X
Enroll personal Mac/Windows computer X
Perform a factory reset on a lost or stolen device X
Unenroll device X

2.2.3 Record how you want to shift resolution

Identify opportunities to improve self-service and first contact resolution.

Starting with the chart you created in Activity 2.2.2, record the desired state. For each incident and request, to where do you want to shift resolution?

  • Identify quick wins. Where will it take low effort to shift resolution? Denote these items with a “QW” for quick win.
  • Identify high-value, high-effort shifts. Where do you want to prioritize shifting resolution? Base this decision on the desired benefits, guiding principles, and vision statement built in Phase 1. Denote these items with an “H” for high.
  • Identify low-value areas. Where would shifting provide low value to end users and/or would have low alignment to the benefits identified in Phase 1? Denote these items with an “L” for low.
  • Identify where no shift can occur. Some items cannot be shifted to self-service or to tier 1 due to governance considerations, security factors, or technical complexity. Denote these items with an “OoS” for out of scope.

Use the “Opportunities to Provide Self-Service and Articles” and “Desired State” slides in the “IT Support” section of your End-User Computing Strategy Template to document quick wins and high-value, high-effort shifts.

Most Common Incidents & Requests Self-Service Service Desk Tier 1 Desk-Side or Field Support End-User Computing
Connect/fix a printer H QW X
Web conferencing issue H X
Bluetooth issues L X
Outlook issues H H X
Install standard app X
Install app requiring approval H X
Install nonstandard app OoS X
Enroll personal iOS/Android device QW QW X
Enroll personal Mac/Windows computer QW QW X
Perform a factory reset on a lost or stolen device QW QW X
Unenroll device QW QW X

2.2.4 Define which IT groups are involved in supporting practices

Repeat activities 2.2.2 and 2.2.3 with the following list of tasks

IT Asset Management

  • Purchasing devices
  • Purchasing software licenses
  • Imaging devices
  • Deploying devices
  • Deploying software
  • Recovering devices
  • Recovering software

Release Management

  • Testing patches
  • Testing app updates
  • Testing OS updates
  • User acceptance testing

Managing Service Catalogs

  • Defining standard device offerings
  • Defining standard software offerings
  • Defining device and software entitlements
  • Updating published catalog entries

Knowledge Management

  • Writing internal KB articles
  • Writing user-facing articles
  • Training specialists
  • Training service desk agents
  • Training users

Portfolio Management

  • Prioritizing app upgrades or migrations
  • Prioritizing OS migrations
  • Prioritizing end-user computing projects

Step 2.3

Define Governance and Policies

Activities

2.3.1 Answer these organizational policy questions

2.3.2 Answer these security policy questions

Define the Offering

This step requires the following inputs:

  • List of supporting devices
  • List of persona groups
  • List of use cases

This step involves the following participants:

  • End-User Computing Manager
  • CIO
  • Help Desk Manager
  • Infrastructure Manager

Outcomes of this step

  • End-user computing organizational and security policies

Focus on organizational policies and enforcement

Policies set expectations and limits for mobile employees

Enforcement refers to settings on the devices, management and security tools, and process steps.

  • Policies define what should and should not be done with user-facing technology. These policies define expectations about user and IT behavior.
  • Enforcement ensures that policies are followed. User policies must often be enforced through human intervention, while technology policies are often enforced directly through infrastructure before any people get involved.

Use the “Policies” section in the End-User Computing Strategy Template to document the answers in this section. Activities 2.3.2 and 2.3.3 present links to policy templates. Use these templates to help address any gaps in your current policy suite.

2.3.1 Answer these organizational policy questions

Identify if there are different expectations for certain user groups, where exceptions are allowed, and how these policies will be enforced.

Entitlements

  • Who is entitled to receive and use prestigious computers?
  • Who is entitled to receive and use a smartphone?
  • What users are entitled to a stipend for personal device use?

Personal Device Use

  • What use cases are supported and are not supported on personal devices?
  • What level of visibility and control does IT need over personal devices?

Acceptable Use

  • Are people allowed to use corporate resources for personal use?
  • What are the guidelines around personal use?
  • Are users allowed to install personal apps on their corporate-issued computers and/or mobile devices?

Purchasing and Reimbursement

  • Who is allowed to purchase devices? Apps?
  • When can users file a reimbursement request?

Employee Monitoring

  • What user information is monitored?
  • When can that information be used and when can it not be used?

Use the “Policies” section of the End-User Computing Strategy Template to document these answers.

Identify organizational policy gaps

Use these templates as a starting point

Entitlements

Download the Mobile Device Connectivity & Allowance Policy template.

Purchasing & Reimbursement

Download the Purchasing Policy template.

Download the Mobile Device Reimbursement Policy template.

Download the Mobile Device Reimbursement Agreement template.

Acceptable Use

Download the General Security – User Acceptable Use Policy template.

Personal Device Use

Download the BYOD Acceptable Use Policy template.

Download the Mobile Device Remote Wipe Waiver template.

Employee Monitoring

Download the General Security – User Acceptable Use Policy template.

Visit the Reduce and Manage Your Organization’s Insider Threat Risk blueprint to address this gap.

2.3.2 Answer these security policy questions

Identify if there are different expectations for certain user groups, where exceptions are allowed, and how these policies will be enforced.

Use Cases

  • What data and use cases are subject to stricter security measures?
  • Are certain use cases or data prohibited on personal devices?
  • Are there restrictions around where certain use cases are performed and by whom?

Patching

  • Are users expected to apply OS and app updates and patches? Or does IT automate patching?

Physical Security

  • What does the user need to do to secure their equipment?
  • If a device is lost or stolen, who does the user contact to report the lost or stolen device?

Cybersecurity

  • How will IT enforce security configuration baselines?
  • What does the user need to do (or not do) to secure their device?
  • Are certain users allowed to have local admin rights?
  • What happens when a device doesn’t comply with the required security configuration baseline?

Use the “Policies” section of the End-User Computing Strategy Template to document these answers.

Identify security policy gaps

Use these templates as a starting point

Use Cases

Download the General Security – User Acceptable Use Policy template.

Visit the Discover and Classify Your Data blueprint to address this gap.

Patching

Download the General Security – User Acceptable Use Policy template.

Physical and Cyber Security

Download the General Security – User Acceptable Use Policy template.

Visit the Develop and Deploy Security Policies blueprint to address this gap.

For help defining your own security configuration baselines for each operating system, reference best practice documentation such as:

National Institute of Standards and Technology’s National Checklist Program.

Center for Internet Security’s solutions.

Microsoft’s security baseline settings for Windows 10 and 11 Configuration Service Providers.

Phase 3

Build the Roadmap

Set the Direction

1.1 Identify Desired Benefits

1.2 Perform a User Group Analysis

1.3 Define the Vision

Define the Offering

2.1 Define the Standard Offerings

2.2 Outline Supporting Services

2.3 Define Governance and Policies

Build the Roadmap

3.1 Develop Initiatives

This phase will walk you through the following activities:

  • Defining initiatives for each EUC domain
  • Building a customer journey map for any end-user computing migrations
  • Building a roadmap for EUC initiatives

This phase involves the following participants:

  • End-User Computing Team

Step 3.1

Develop Initiatives

Activities

3.1.1 Identify initiatives for each EUC practice

3.1.2 Build out the user’s migration journey map

3.1.3 Build out a list of initiatives

Build the Roadmap

This step requires the following inputs:

  • User group workbook
  • Migration initiatives

This step involves the following participants:

  • Infrastructure Director
  • Head of End-User Computing
  • End-User Computing Team
  • Project Manager (if applicable)

Outcomes of this step

  • End-user computing roadmap
  • Migration plan

3.1.1 Identify the gaps in each EUC area

Build a high-level profile of the changes you want to make

For each of the five areas, build a profile for the changes you want to implement. Record:

  1. The owner of the area
  2. The objective that you want to accomplish
  3. The desired benefits from focusing on that area
  4. Any dependencies to the work
  5. Risks that can cause the objective and benefits to not be achieved

Identify the initiatives involved in each area.

Document these profiles and initiatives in the “Roadmap” section of your End-User Computing Strategy Template.

  1. Devices
    • Corporate-issued devices
    • Standard offerings
  2. User Support
    • Self-service
    • Tier 1 support
  3. Use Cases
    • Providing value
    • Business apps
  4. Policy & Governance
    • Personal device use
    • IT policy
  5. Fitness for Use
    • Securing devices
    • Patching

Your initiatives may require a user migration

Plan the user’s migration journey

Consider each user group’s and each persona’s unique needs and challenges throughout the migration.

  1. Preparing to migrate: The user may need to schedule the migration with IT and back up files.
  2. Migrating: IT executes the migration (e.g. updates the OS, changes management tools).
  3. Getting assistance: When a user experiences an error during the migration, how will they get help from IT?
  4. Post-migration: How will IT and the user know that the migration was successful one week later?

Understand the three migration approaches

Online

Users execute the migrate on their own (e.g. Microsoft’s consumer migration to Windows 10).

In person

Users come in person, select a device, and perform the migration with a specialist. If the device needs support, they return to the same place (e.g. buying a computer from a store).

Hybrid

Users select a device. When the device is ready, they can schedule time to pick up the device and perform the migration with a specialist (e.g. purchasing an iPhone in advance from Apple’s website with in-store pick-up).

Be prepared to support remotely

Migrations to the new tool may fail. IT should check in with the user to confirm that the device successfully made the migration.

3.1.2 Build out the user’s migration journey map

Contemplate a roadmap to plan for end-user computing initiatives

  • As a group, brainstorm migration initiatives.
  • For each of the four phases, identify:
    • User activities: actions we need the user to do
    • IT activities: actions and processes that IT will perform internally
    • User touchpoints with IT: how the user will interact with the IT group
    • Opportunities: ideas for how IT can provide additional value to the end user in this phase.
  • Use the example in the End-User Computing Strategy Template as a starting point.

Download the End-User Computing Strategy Template.

Embed requirements gathering throughout your roadmap

Use a combination of surveys, focus groups, and interviews

You’re doing more than eliciting opinions – you’re performing organizational change management.

  • Use surveys to profile the demand for specific requirements. When a project is announced, develop surveys to gauge what users consider must-have, should-have, and could-have requirements.
  • Interviews should be used with high-value targets. Those who receive one-on-one face time can help generate good requirements and allow for effective communication around requirements.
  • Focus groups are used to get input from multiple people in a similar role. This format allows you to ask a few open-ended questions to groups of about five people.

The benefits of interviews and focus groups:

  • Foster direct engagement: IT is able to hear directly from stakeholders about what they are looking to do with a solution and the level of functionality that they expect from it.
  • Offer greater detail: With interviews, greater insight can be gained by leveraging information that traditional surveys wouldn’t uncover. Face-to-face interactions provide thorough answers and context that helps inform requirements.
  • Remove ambiguity: Face-to-face interactions allow opportunities to follow up on ambiguous answers. Clarify what stakeholders are looking for and expect in a project.
  • Enable stakeholder management: Interviews are a direct line of communication with project stakeholders. They provide input and insight and help to maintain alignment, plan next steps, and increase awareness within the IT organization.

Activity instructions:

  1. Early requirements ideation: Identify who you want to interview through one-on-one meetings and focus groups.
  2. Requirements validation and prioritization: Identify which user groups you plan to survey and when.
  3. Usability testing: Plan to include usability testing during each phase. Build it into your release practices.

3.1.3 Build out a list of initiatives

Download a copy of the Roadmap Tool

On tab “1. Setup”:

  • Update category 1 to be all the EUC areas (i.e. Devices, User Support).
  • Update category 2 and category 3 with meaningful items (e.g. operating system, device model, persona group).

Use tab “2. Data Entry” to record your list of initiatives.

  • Each initiative should have its own row. Write a high-level summary under “Roadmap Item” and include more detail under “Description and Rationale.”
  • Enter each initiative’s effort, priority, and timeline for beginning. These are mandatory fields for tab “3. Roadmap” to work properly.

Use tab “3. Roadmap” to visualize your data. You will have to press “Refresh All” under Data in the ribbon for the PivotChart to update.

Copy the roadmap visual on tab “3. Roadmap” into your End-User Computing Strategy Template. You can also copy the list of initiatives over into the document.

Download the Roadmap Tool.

Summary of Accomplishment

Problem Solved

You built a strategy to improve the balance between user enablement, risk mitigation, and cost optimization. Throughout the blueprint, you identified opportunities to provide additional value to end users and stakeholders during these activities:

  • Goals cascade
  • User group analysis
  • Definition of standard device types and platforms
  • IT support shift-left analysis
  • Policy gap analysis
  • Roadmapping

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

Contact your account representative for more information.

workshops@infotech.com

1-888-670-8889

Additional Support

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.

Contact your account representative for more information.

workshops@infotech.com 1-888-670-8889

To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

The following are sample activities that will be conducted by Info-Tech analysts with your team:

Identify User Groups

Identify each user group based on the business processes, tasks, and applications they use.

Define Standard Device Offerings

Record your provisioning models for each user group and the primary and secondary devices, apps, and peripherals that each group receives.

Related Info-Tech Research

Simplify Remote Deployment With Zero-Touch Provisioning

This project helps you align your zero-touch approach with stakeholder priorities and larger IT strategies. You will be able to build your zero-touch provisioning and patching plan from both the asset lifecycle and the end-user perspective to create a holistic approach that emphasizes customer service. Tailor deployment plans to more easily scope and resource deployment projects.

Implement Hardware Asset Management

This project will help you analyze the current state of your HAM program, define assets that will need to be managed, and build and involve the ITAM team from the beginning to help embed the change. It will also help you define standard policies, processes, and procedures for each stage of the hardware asset lifecycle, from procurement through to disposal.

Govern Office 365

This project will help you conduct a goals exercise and capability assessment for Office 365. You will be able to refine governance objectives, build out controls, formalize governance, build out one pagers, and finalize a communication plan.

Research Contributors and Experts

  • Steve Fox, Deputy IT Director, Virginia State Corporation Commission
  • Mazen Joukhadar, TransForm Shared Service Organization
  • Nathan Schlaud, PMO Senior Director, RPC Inc.
  • Rebecca Mountjoy, Infrastructure Systems Manager, BlueScope Buildings
  • DJ Robins, Director of Information Technology, Mohawk MedBuy
  • Jason Jenkins, Tech. Specialist, Michal Baker Corp.
  • Brad Wells, IT Infrastructure Solutions Architect, London Police Service
  • Danelle Peddell, Director, Project Management Office, Emco Corporation
  • John Annand, Principal Research Director, Info-Tech Research Group
  • Allison Kinnaird, Research Director and Research Lead, Info-Tech Research Group
  • Sandi Conrad, Principal Research Director, Info-Tech Research Group
  • Andrew Kum-Seun, Senior Research Analyst, Info-Tech Research Group
  • Mark Tauschek, Vice President IT Infrastructure & Operations Research, Info-Tech Research Group

A special thank-you to 6 anonymous contributors

Bibliography

“2020 Annual Report and Proxy.” Citrix, 2020. Accessed Oct. 2021.

“2021 BYOD Security Report.” Cybersecurity Insiders, 2021. Web.

Anderson, Arabella. “12 Remote Work Statistics to Know in 2022.” NorthOne, 2021. Accessed Oct. 2021.

Bayes, Scarlett. “ITSM: 2021 & Beyond.” Service Desk Institute, 14 April 2021, p. 14. Web.

Belton, Padraig. “Intel: Chip shortage will extend to at least 2023.” Light Reading, 22 Oct. 2021. Web.

Beroe Inc. “Demand for PC Components Saw a Surge Due to COVID-19, Says Beroe Inc.” Cision PR Newswire, 2 Sept. 2021. Web.

Devaraj, Vivekananthan. “Reference Architecture: Remote PC Access.” Citrix, 2021. Accessed Aug. 2021.

“Elements of the Project Charter and Project Scope Statement.” A Guide to PMBOK, 7th edition, PMI, 2021. Accessed Sept. 2021.

Elliott, Christopher. “This Is How The Pandemic Improved Customer Service.” Forbes, 2021. Accessed Oct. 2021.

“Enable TMP 2.0 on your PC.” Microsoft, Support, Aug. 2021. Web.

“End User Computing Trends to Look Out for in 2021.” Stratodesk, 30 Oct. 2020. Accessed September 2021.

“Global State of Customer Service: The Transformation of Customer Service from 2015 to Present Day.” Microsoft, 2019. Web.

Goodman, Elizabeth et al. “Observing the User Experience” A Practitioner's Guide to User Research, 2nd edition. Elsevier, 2012. Accessed Sept. 2021.

Govindarajulu, Chittibabu. “An Instrument to Classify End-Users Based On the User Cube” Informing Science, June 2002. Accessed September 2021.

Griffith, Eric. “Remote Employees to Bosses: Our PCs Suck!” PCMag, 11 Oct. 2021. Web.

Hutchings, Jeffrey D., and Craig A. de Ridder. “Impact of Remote Working on End User Computing Solutions and Services.” Pillsbury, 2021. Accessed Sept. 2021

“ITIL4 Create, Deliver, and Support.” Axelos, 2020. Accessed Sept. 2021.

“ITIL4 Drive Stakeholder Value” Axelos, 2020. Accessed Sept. 2021.

Mcbride, Neil, and Trevor Wood-Harper. “Towards User-Oriented Control of End-User Computing in Large Organizations” Journal of Organizational and End User Computing, vol. 14, no. 1, pp. 33-41, 2002. Accessed September 2021.

““Microsoft Endpoint Configuration Manager Documentation.” Microsoft Docs, Microsoft, 2021. Accessed Sept. 2021.

“Microsoft Intune documentation.” Microsoft Docs, Microsoft. Accessed Sept. 2021.

“Mobile Cellular Subscriptions (per 100 People).” The World Bank, International Telecommunication Union (ITU) World Telecommunication/ICT Indicators Database, 2020. Web.

Morgan, Jacob. “The Employee Experience Advantage: How to Win the War for Talent by Giving Employees the Workspaces they Want, the Tools they Need, and a Culture They Can Celebrate.” Wiley, 2017. Accessed Sept. 2021.

Murphy, Anna. “How the pandemic has changed customer support forever.” Intercom, 2021. Accessed Sept. 2021.

“Operating System Market Share Worldwide, Jan 2021-Jan 2022.” StatCounter GlobalStats, 2022. Web.

“Operating System Market Share Worldwide, Jan-Dec 2011.” StatCounter GlobalStats, 2012. Web.

Pereira, Karla Susiane, et al. “A Taxonomy to Classify Risk End-User Profile in Interaction with the Computing Environment.” In: Tryfonas T. (eds.) Human Aspects of Information Security, Privacy, and Trust. HAS 2016. Lecture Notes in Computer Science, vol. 9750. Accessed Sept. 2021.

Perrin, Andrew. “Mobile Technology and Home Broadband 2020.” Pew Research Center, 3 June 2021. Web.

Quan-Haase, Anabel. “Technology and Society: Social Networks, Power, and Inequality” Oxford University Press, 2012. Accessed Aug. 2021.

Reed, Karin, and Joseph Allen. “Suddenly Virtual: Making Remote Meetings Work.” Wiley, 2021. Accessed Aug. 2021.

Rockart, John F., and Lauren S. Flannery. “The management of end user computing.” Communications of the ACM, vol. 26, no. 10, Oct. 1983. Accessed September 2021.

Turek, Melanie. “Employees Say Smartphones Boost Productivity by 34 Percent: Frost & Sullivan Research.” Samsung Insights, 3 Aug. 2016. Web.

Vladimirskiy, Vadim. “Windows 365 vs. Azure Virtual Desktop (AVD) – Comparing Two DaaS Products.” Nerdio, 2021. Accessed Aug. 2021.

“VMware 2021 Annual Report.” VMware, Financial Document Library, 2021. Web.

VMworld 2021, Oct. 2021.

Vogels, Emily A. “Digital divide persists even as americans with lower incomes make gains in tech adoption.” Pew Research Center, 22 June 2021. Web.

“What is End-User computing?” VMware, 2021. Accessed Aug. 2021.

“Windows 10 Home and Pro.” Microsoft, Docs, 2021. Web.

Zibreg, Christian. “Microsoft 365 Now Boasts Over 50 Million Subscribers.” MUD, 29 April 2021. Web.

2024 Tech Trends

  • Buy Link or Shortcode: {j2store}289|cart{/j2store}
  • member rating overall impact (scale of 10): 10
  • Parent Category Name: Innovation
  • Parent Category Link: /improve-your-core-processes/strategy-and-governance/innovation

AI has revolutionized the landscape, placing the spotlight firmly on the generative enterprise.

The far-reaching impact of generative AI across various sectors presents fresh prospects for organizations to capitalize on and novel challenges to address as they chart their path for the future. AI is more than just a fancy auto-complete. At this point it may look like that, but do not underestimate the evolutive power.

In this year's Tech Trends report, we explore three key developments to capitalize on these opportunities and three strategies to minimize potential risks.

Generative AI will take the lead.

As AI transforms industries and business processes, IT and business leaders must adopt a deliberate and strategic approach across six key domains to ensure their success.

Seize Opportunities:

  • Business models driven by AI
  • Automation of back-office functions
  • Advancements in spatial computing

Mitigate Risks:

  • Ethical and responsible AI practices
  • Incorporating security from the outset
  • Ensuring digital sovereignty

Select and Use SDLC Metrics Effectively

  • Buy Link or Shortcode: {j2store}150|cart{/j2store}
  • member rating overall impact (scale of 10): 9.4/10 Overall Impact
  • member rating average dollars saved: $2,991 Average $ Saved
  • member rating average days saved: 32 Average Days Saved
  • Parent Category Name: Development
  • Parent Category Link: /development
  • Your organization wants to implement (or revamp existing) software delivery metrics to monitor performance as well as achieve its goals.
  • You know that metrics can be a powerful tool for managing team behavior.
  • You also know that all metrics are prone to misuse and mismanagement, which can lead to unintended consequences that will harm your organization.
  • You need an approach for selecting and using effective software development lifecycle (SDLC) metrics that will help your organization to achieve its goals while minimizing the risk of unintended consequences.

Our Advice

Critical Insight

  • Metrics are powerful, dangerous, and often mismanaged, particularly when they are tied to reward or punishment. To use SDLC metrics effectively, know the dangers, understand good practices, and then follow Info-Tech‘s TAG (team-oriented, adaptive, and goal-focused) approach to minimize risk and maximize impact.

Impact and Result

  • Begin by understanding the risks of metrics.
  • Then understand good practices associated with metrics use.
  • Lastly, follow Info-Tech’s TAG approach to select and use SDLC metrics effectively.

Select and Use SDLC Metrics Effectively Research & Tools

Start here – read the Executive Brief

Understand both the dangers and good practices related to metrics, along with Info-Tech’s TAG approach to the selection and use of SDLC metrics.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Understand the dangers of metrics

Explore the significant risks associated with metrics selection so that you can avoid them.

  • Select and Use SDLC Metrics Effectively – Phase 1: Understand the Risks of Metrics

2. Know good practices related to metrics

Learn about good practices related to metrics and how to apply them in your organization, then identify your team’s business-aligned goals to be used in SDLC metric selection.

  • Select and Use SDLC Metrics Effectively – Phase 2: Know Good Practices Related to Metrics
  • SDLC Metrics Evaluation and Selection Tool

3. Rank and select effective SDLC metrics for your team

Follow Info-Tech’s TAG approach to selecting effective SDLC metrics for your team, create a communication deck to inform your organization about your selected SDLC metrics, and plan to review and revise these metrics over time.

  • Select and Use SDLC Metrics Effectively – Phase 3: Rank and Select Effective SDLC Metrics for Your Team
  • SDLC Metrics Rollout and Communication Deck
[infographic]

Workshop: Select and Use SDLC Metrics Effectively

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Understand the Dangers of Metrics

The Purpose

Learn that metrics are often misused and mismanaged.

Understand the four risk areas associated with metrics: Productivity loss Gaming behavior Ambivalence Unintended consequences

Productivity loss

Gaming behavior

Ambivalence

Unintended consequences

Key Benefits Achieved

An appreciation of the dangers associated with metrics.

An understanding of the need to select and manage SDLC metrics carefully to avoid the associated risks.

Development of critical thinking skills related to metric selection and use.

Activities

1.1 Examine the dangers associated with metric use.

1.2 Share real-life examples of poor metrics and their impact.

1.3 Practice identifying and mitigating metrics-related risk.

Outputs

Establish understanding and appreciation of metrics-related risks.

Solidify understanding of metrics-related risks and their impact on an organization.

Develop the skills needed to critically analyze a potential metric and reduce associated risk.

2 Understand Good Practices Related to Metrics

The Purpose

Develop an understanding of good practices related to metric selection and use.

Introduce Info-Tech’s TAG approach to metric selection and use.

Identify your team’s business-aligned goals for SDLC metrics.

Key Benefits Achieved

Understanding of good practices for metric selection and use.

Document your team’s prioritized business-aligned goals.

Activities

2.1 Examine good practices and introduce Info-Tech’s TAG approach.

2.2 Identify and prioritize your team’s business-aligned goals.

Outputs

Understanding of Info-Tech’s TAG approach.

Prioritized team goals (aligned to the business) that will inform your SDLC metric selection.

3 Rank and Select Your SDLC Metrics

The Purpose

Apply Info-Tech’s TAG approach to rank and select your team’s SDLC metrics.

Key Benefits Achieved

Identification of potential SDLC metrics for use by your team.

Collaborative scoring/ranking of potential SDLC metrics based on their specific pros and cons.

Finalize list of SDLC metrics that will support goals and minimize risk while maximizing impact.

Activities

3.1 Select your list of potential SDLC metrics.

3.2 Score each potential metric’s pros and cons against objectives using a five-point scale.

3.3 Collaboratively select your team’s first set of SDLC metrics.

Outputs

A list of potential SDLC metrics to be scored.

A ranked list of potential SDLC metrics.

Your team’s first set of goal-aligned SDLC metrics.

4 Create a Communication and Rollout Plan

The Purpose

Develop a rollout plan for your SDLC metrics.

Develop a communication plan.

Key Benefits Achieved

SDLC metrics.

A plan to review and adjust your SDLC metrics periodically in the future.

Communication material to be shared with the organization.

Activities

4.1 Identify rollout dates and responsible individuals for each SDLC metric.

4.2 Identify your next SDLC metric review cycle.

4.3 Create a communication deck.

Outputs

SDLC metrics rollout plan

SDLC metrics review plan

SDLC metrics communication deck

Enterprise Network Design Considerations

  • Buy Link or Shortcode: {j2store}502|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Network Management
  • Parent Category Link: /network-management

Security, risk, and trust models play into how networks are designed and deployed. If these models are not considered during network design, band-aids and workarounds will be deployed to achieve the needed goals, potentially bypassing network controls.

Our Advice

Critical Insight

The cloud “gold rush” has made it attractive for many enterprises to migrate services off the traditional network and into the cloud. These services are now outside of the traditional network and associated controls. This shifts the split of east-west vs. north-south traffic patterns, as well as extending the network to encompass services outside of enterprise IT’s locus of control.

Impact and Result

Where users access enterprise data or services and from which devices dictate the connectivity needed. With the increasing shift of work that the business is completing remotely, not all devices and data paths will be under the control of IT. This shift does not allow IT to abdicate from the responsibility to provide a secure network.

Enterprise Network Design Considerations Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Enterprise Network Design Considerations Deck – A brief deck that outlines key trusts and archetypes when considering enterprise network designs.

This blueprint will help you:

  • Enterprise Network Design Considerations Storyboard

2. Enterprise Network Roadmap Technology Assessment Tool – Build an infrastructure assessment in an hour.

Dispense with detailed analysis and customizations to present a quick snapshot of the road ahead.

  • Enterprise Network Roadmap Technology Assessment Tool
[infographic]

Further reading

Enterprise Network Design Considerations

It is not just about connectivity.

Executive Summary

Info-Tech Insight

Connectivity and security are tightly coupled

Security, risk, and trust models play into how networks are designed and deployed. If these models are not considered during network design, band-aids and workarounds will be deployed to achieve the needed goals, potentially bypassing network controls.

Many services are no longer within the network

The cloud “gold rush” has made it attractive for many enterprises to migrate services off the traditional network and into the cloud. These services are now outside of the traditional network and associated controls. This shifts the split of east-west vs. north-south traffic patterns, as well as extending the network to encompass services outside of enterprise IT’s locus of control.

Users are demanding an anywhere, any device access model

Where users access enterprise data or services and from which devices dictate the connectivity needed. With the increasing shift of work that the business is completing remotely, not all devices and data paths will be under the control of IT. This shift does not allow IT to abdicate from the responsibility to provide a secure network.

Enterprise networks are changing

The new network reality

The enterprise network of 2020 and beyond is changing:

  • Services are becoming more distributed.
  • The number of services provided “off network” is growing.
  • Users are more often remote.
  • Security threats are rapidly escalating.

The above statements are all accurate for enterprise networks, though each potentially to differing levels depending on the business being supported by the network. Depending on how affected the network in question currently is and will be in the near future, there are different common network archetypes that are best able to address these concerns while delivering business value at an appropriate price point.

High-Level Design Considerations

  1. Understand Business Needs
  2. Understand what the business needs are and where users and resources are located.

  3. Define Your Trust Model
  4. Trust is a spectrum and tied tightly to security.

  5. Align With an Archetype
  6. How will the network be deployed?

  7. Understand Available Tooling
  8. What tools are in the market to help achieve design principles?

Understand business needs

Mission

Never ignore the basics. Start with revisiting the mission and vision of the business to address relevant needs.

Users

Identify where users will be accessing services from. Remote vs. “on net” is a design consideration now more than ever.

Resources

Identify required resources and their locations, on net vs. cloud.

Controls

Identify required controls in order to define control points and solutions.

Define a trust model

Trust is a spectrum

  • There is a spectrum of trust, from fully trusted to not trusted at all. Each organization must decide for their network (or each area thereof) the appropriate level of trust to assign.
  • The ease of network design and deployment is directly proportional to the trust spectrum.
  • When resources and users are outside of direct IT control, the level of appropriate trust should be examined closely.

Implicit

Trust everything within the network. Security is perimeter based and designed to stop external actors from entering the large trusted zone.

Controlled

Multiple zones of trust within the network. Segmentation is a standard practice to separate areas of higher and lower trust.

Zero

Verify trust. The network is set up to recognize and support the principle of least privilege where only required access is supported.

Align with an archetype

Archetypes are a good guide

  • Using a defined archetype as a guiding principle in network design can help clarify appropriate tools or network structures.
  • Different aspects of a network can have different archetypes where appropriate (e.g. IT vs. OT [operational technology] networks).

Traditional

Services are provided from within the traditional network boundaries and security is provided at the network edge.

Hybrid

Services are provided both externally and from within the traditional network boundaries, and security is primarily at the network edge.

Inverted

Services are provided primarily externally, and security is cloud centric.

Traditional networks

Resources within network boundaries

Moat and castle security perimeter

Abstract

A traditional network is one in which there are clear boundaries defined by a security perimeter. Trust can be applied within the network boundaries as appropriate, and traffic is generally routed through internally deployed control points that may be centralized. Traditional networks commonly include large firewalls and other “big iron” security and control devices.

Network Design Tenets

  • The full network path from resource to user is designed, deployed, and controlled by IT.
  • Users external to the network must first connect to the network to gain access to resources.
  • Security, risk, and trust controls will be implemented by internal enterprise hardware/software devices.

Control

In the traditional network, it is assumed that all required control points can be adequately deployed across hardware/software that is “on prem” and under the control of central IT.

Info-Tech Insight

With increased cloud services provided to end users, this network is now more commonly used in data centers or OT networks.

Traditional networks

The image contains an example of what traditional networks look like, as described in the text below.

Defining Characteristics

  • Traffic flows in a defined path under the control of IT to and from central IT resources.
  • Due to visibility into, and the control of, the traffic between the end user and resources, IT can relatively simply implement the required security controls on owned hardware.

Common Components

  • Traditional offices
  • Remote users/road warriors
  • Private data center/colocation space

Hybrid networks

Resources internal and external to network

Network security perimeter combined with cloud protection

Abstract

A hybrid network is one that combines elements of a traditional network with cloud resources. As some of these resources are not fully under the control of IT and may be completely “offnet” or loosely coupled to the on-premises network, the security boundaries and control points are less likely to be centralized. Hybrid networks allow the flexibility and speed of cloud deployment without leaving behind traditional network constructs. This generally makes them expensive to secure and maintain.

Network Design Tenets

  • The network path from resource to user may not be in IT’s locus of control.
  • Users external to the network must first connect to the network to gain access to internal resources but may directly access publicly hosted ones.
  • Security, risk, and trust controls may potentially be implemented by a mixture of internal enterprise hardware/software devices and external control points.

Control

The hallmark of a hybrid network is the blending of public and private resources. This blending tends to necessitate both public and private points of control that may not be homogenous.

Info-Tech Insight

With multiple control points to address, take care in simplifying designs while addressing all concerns to ease operational load.

Hybrid networks

The image contains an example of what hybrid networks look like, as described in the text below.

Defining Characteristics

  • Traffic flows to central resources across a defined path under the control of IT.
  • Traffic to cloud assets may be partially under the control of IT.
  • For central resources, the traffic to and from the end user can have the required security controls relatively simply implemented on owned hardware.
  • For public cloud assets, IT may or may not have some control over part of the path.

Common Components

  • Traditional offices
  • Remote users/road warriors
  • Private data center/colocation space
  • Public cloud assets (IaaS/PaaS/SaaS)

Inverted perimeter

Resources primarily external to the network

Security control points are cloud centric

Abstract

An inverted perimeter network is one in which security and control points cover the entire workflow, on or off net, from the consumer of services through to the services themselves with zero trust. Since the control plane is designed to encompass the workflow in a secure manner, much of the underlying connectivity can be abstracted. In an extreme version of this deployment, IT would abstract end-user access, and any cloud-based or on-premises resources would be securely published through the control plane with context-aware precision access.

Network Design Tenets

  • The network path from resource to user is abstracted and controlled by IT through services like secure access service edge (SASE).
  • Users only need internet access and appropriate credentials to gain access to resources.
  • Security, risk, and trust controls will be implemented through external cloud based services.

Control

An inverted network abstracts the lower-layer connectivity away and focuses on implementing a cloud-based zero trust control plane.

Info-Tech Insight

This model is extremely attractive for organizations that consume primarily cloud services and have a large remote work force.

Inverted networks

The image contains an example of what inverted networks look like, as described in the text below.

Defining Characteristics

  • The end user does not have to be in a defined location.
  • All central resources that are to be accessed are hosted on cloud resources.
  • IT has little to no control of the path between the end user and central resources.

Common Components

  • Traditional offices
  • Regent offices/shared workspaces
  • Remote users/road warriors
  • Public cloud assets (IaaS/PaaS/SaaS)

Understand available tooling

Don’t buy a hammer and go looking for nails

  • A network archetype must be defined in order to understand what tools (hardware or software) are appropriate for consideration in a network build or refresh.
  • Tools are purpose built and generally designed to solve specific problems if implemented and operated correctly. Choose the tools to align with the challenges that you are solving as opposed to choosing tools and then trying to use those purchases to overcome challenges.
  • The purchase of a tool does not allow for abdication of proper design. Tools must be chosen appropriately and integrated properly to orchestrate the best solutions. Purchasing a tool and expecting the tool to solve all your issues rarely succeeds.

“It is essential to have good tools, but it is also essential that the tools should be used in the right way.” — Wallace D. Wattles

Software-defined WAN (SD-WAN)

Simplified branch office connectivity

Archetype Value: Traditional Networks

What It Is Not

SD-WAN is generally not a way to slash spending by lowering WAN circuit costs. Though it is traditionally deployed across lower cost access, to minimize risk and realize the most benefits from the platform many organizations install multiple circuits with greater bandwidths at each endpoint when replacing the more costly traditional circuits. Though this maximizes the value of the technology investment, it will result in the end cost being similar to the traditional cost plus or minus a small percentage.

What It Is

SD-WAN is a subset of software-defined networking (SDN) designed specifically to deploy a secure, centrally managed, connectivity agnostic, overlay network connecting multiple office locations. This technology can be used to replace, work in concert with, or augment more traditional costly connectivity such as MPLS or private point to point (PtP) circuits. In addition to the secure overlay, SD-WAN usually also enables policy-based, intelligent controls, based on traffic and circuit intelligence.

Why Use It

You have multiple endpoint locations connected by expensive lower bandwidth traditional circuits. Your target is to increase visibility and control while controlling costs if and where possible. Ease of centralized management and the ability to more rapidly turn up new locations are attractive.

Cloud access security broker (CASB)

Inline policy enforcement placed between users and cloud services

Archetype Value: Hybrid Networks

What It Is Not

CASBs do not provide network protection; they are designed to provide compliance and enforcement of rules. Though CASBs are designed to give visibility and control into cloud traffic, they have limits to the data that they generally ingest and utilize. A CASB does not gather or report on cloud usage details, licencing information, financial costing, or whether the cloud resource usage is aligned with the deployment purpose.

What It Is

A CASB is designed to establish security controls beyond a company’s environment. It is commonly deployed to augment traditional solutions to extend visibility and control into the cloud. To protect assets in the cloud, CASBs are designed to provide central policy control and apply services primarily in the areas of visibility, data security, threat protection, and compliance.

Why Use It

You a mixture of on-premises and cloud assets. In moving assets out to the cloud, you have lost the traditional controls that were implemented in the data center. You now need to have visibility and apply controls to the usage of these cloud assets.

Secure access service edge (SASE)

Convergence of security and service access in the cloud

Archetype Value: Inverted Networks

What It Is Not

Though the service will consist of many service offerings, SASE is not multiple services strung together. To present the value proposed by this platform, all functionality proposed must be provided by a single platform under a “single pane of glass.” SASE is not a mature and well-established service. The market is still solidifying, and the full-service definition remains somewhat fluid.

What It Is

SASE exists at the intersection of network-as-a-service and network-security-as-a-service. It is a superset of many network and security cloud offerings such as CASB, secure web gateway, SD-WAN, and WAN optimization. Any services offered by a SASE provider will be cloud hosted, presented in a single stack, and controlled through a single pane of glass.

Why Use It

Your network is inverting, and services are provided primarily as cloud assets. In a full realization of this deployment’s value, you would abstract how and where users gain initial network access yet remain in control of the communications and data flow.

Activity

Understand your enterprise network options

Activity: Network assessment in an hour

  • Learn about the Enterprise Network Roadmap Technology Assessment Tool
  • Complete the Enterprise Network Roadmap Technology Assessment Tool

This activity involves the following participants:

  • IT strategic direction decision makers.
  • IT managers responsible for network.
  • Organizations evaluating platforms for mission critical applications.

Outcomes of this step:

  • Completed Enterprise Network Roadmap Technology Assessment Tool

Info-Tech Insight

Review your design options with security and compliance in mind. Infrastructure is no longer a standalone entity and now tightly integrates with software-defined networks and security solutions.

Build an assessment in an hour

Learn about the Enterprise Network Roadmap Technology Assessment Tool.

This workbook provides a high-level analysis of a technology’s readiness for adoption based on your organization’s needs.

  • The workbook then places the technology on a graph that measures both the readiness and fit for your organization. In addition, it provides warnings for specific issues and lets you know if you have considerable uncertainty in your answers.
  • At a glance you can now communicate what you are doing to help the company:
    • Grow
    • Save money
    • Reduce risk
  • Regardless of your specific audience, these are important stories to be able to tell.
The image contains three screenshots from the Enterprise Network Roadmap Technology Assessment Tool.

Build an assessment in an hour

Complete the Enterprise Network Roadmap Technology Assessment Tool.

Dispense with detailed analysis and customizations to present a quick snapshot of the road ahead.

  1. Weightings: Adjust the Weighting tab to meet organizational needs. The provided weightings for the overall solution areas are based on a generic firm; individual firms will have different needs.
  2. Data Entry: For each category, answer the questions for the technology you are considering. When you have completed the questionnaire, go to the next tab for the results.
  3. Results: The Enterprise Network Roadmap Technology Assessment Tool provides a value versus readiness assessment of your chosen technology customized to your organization.

The image contains three screenshots from the Enterprise Network Roadmap Technology Assessment Tool. It has a screenshot for each step as described in the text above.

Related Info-Tech Research

Effectively Acquire Infrastructure Services

Acquiring a service is like buying an experience. Don’t confuse the simplicity of buying hardware with buying an experience.

Outsource IT Infrastructure to Improve System Availability, Reliability, and Recovery

There are very few IT infrastructure components you should be housing internally – outsource everything else.

Build Your Infrastructure Roadmap

Move beyond alignment: Put yourself in the driver’s seat for true business value.

Drive Successful Sourcing Outcomes With a Robust RFP Process

Leverage your vendor sourcing process to get better results.

Research Authors

The image contains a photo of Scott Young.

Scott Young, Principal Research Advisor, Info-Tech Research Group

Scott Young is a Director of Infrastructure Research at Info-Tech Research Group. Scott has worked in the technology field for over 17 years, with a strong focus on telecommunications and enterprise infrastructure architecture. He brings extensive practical experience in these areas of specialization, including IP networks, server hardware and OS, storage, and virtualization.

The image contains a photo of Troy Cheeseman.

Troy Cheeseman, Practice Lead, Info-Tech Research Group

Troy has over 24 years of experience and has championed large enterprise-wide technology transformation programs, remote/home office collaboration and remote work strategies, BCP, IT DRP, IT operations and expense management programs, international right placement initiatives, and large technology transformation initiatives (M&A). Additionally, he has deep experience working with IT solution providers and technology (cloud) startups.

Bibliography

Ahlgren, Bengt. “Design considerations for a network of information.” ACM Digital Library, 21 Dec. 2008.

Cox Business. “Digital transformation is here. Is your business ready to upgrade your mobile work equation?” BizJournals, 1 April 2022. Accessed April 2022.

Elmore, Ed. “Benefits of integrating security and networking with SASE.” Tech Radar, 1 April 2022. Web.

Greenfield, Dave. “From SD-WAN to SASE: How the WAN Evolution is Progressing.” Cato Networks, 19 May 2020. Web

Korolov, Maria. “What is SASE? A cloud service that marries SD-WAN with security.” Network World, 7 Sept. 2020. Web.

Korzeniowski, Paul, “CASB tools evolve to meet broader set of cloud security needs.” TechTarget, 26 July 2019. Accessed March 2022.

Enable Product Delivery – Executive Leadership Workshop

  • Buy Link or Shortcode: {j2store}353|cart{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Development
  • Parent Category Link: /development
  • You need to clearly convey the direction and strategy of your product portfolio to gain alignment, support, and funding from your organization.
  • IT organizations are traditionally organized to deliver initiatives in specific periods of time. This conflicts with product delivery, which continuously delivers value over the lifetime of a product.
  • Delivering multiple products together creates additional challenges because each product has its own pedigree, history, and goals.

Our Advice

Critical Insight

  • Empowered product managers and product owners are the key to ensuring your delivery teams are delivering the right value at the right time to the right stakeholders.
  • Establishing operationally aligned product families helps bridge the gap between enterprise priorities and product enhancements.
  • Leadership must be aligned to empower and support Agile values and product teams to unlock the full value realization within your organization.

Impact and Result

  • Common understanding of product management and Agile delivery.
  • Commitment to support and empower product teams.

Enable Product Delivery – Executive Leadership Workshop Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Enabling Product Delivery – Executive workshop to align senior leadership with their transition to product management and delivery.

  • Enabling Product Delivery – Executive Workshop Storyboard

2. Enabling Product Delivery –Executive Workshop Outcomes.

  • Enabling Product Delivery – Executive Workshop Outcomes
[infographic]

Workshop: Enable Product Delivery – Executive Leadership Workshop

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Understanding Your Top Challenges

The Purpose

Understand the drivers for your product transformation.

Key Benefits Achieved

Define the drivers for your transition to product-centric delivery.

Activities

1.1 What is driving your organization to become product focused?

Outputs

List of challenges and drivers

2 Transitioning From Projects to Product-Centric Delivery

The Purpose

Understand the product transformation journey and differences.

Key Benefits Achieved

Identify the cultural, behavioral, and leadership changes needed for a successful transformation.

Activities

2.1 Define the differences between projects and product delivery

Outputs

List of differences

3 Enterprise Agility and the Value of Change

The Purpose

Understand why smaller iterations increase value realization and decrease accumulated risk.

Key Benefits Achieved

Leverage smaller iterations to reduce time to value and accumulated risk to core operations.

Activities

3.1 What is business agility?

Outputs

Common understanding about the value of smaller iterations

4 Defining Products and Product Management in Your Context

The Purpose

Establish an organizational starting definition of products.

Key Benefits Achieved

Tailor product management to meet the needs and vision of your organization.

Activities

4.1 What is a product? Who are your consumers?

4.2 Identify enablers and blockers of product ownership

4.3 Define a set of guiding principles for product management

Outputs

Product definition

List of enablers and blockers of product ownership

Set of guiding principles for product management

5 Connecting Product Management to Agile Practices

The Purpose

Understand the relationship between product management and product delivery.

Key Benefits Achieved

Optimize product management to prioritize the right changes for the right people at the right time.

Activities

5.1 Discussions

Outputs

Common understanding

6 Commit to Empowering Agile Product Teams

The Purpose

Personalize and commit to supporting product teams.

Key Benefits Achieved

Embrace leadership and cultural changes needed to empower and support teams.

Activities

6.1 Your management culture

6.2 Personal Cultural Stop, Start, and Continue

6.3 Now, Next, Later to support product owners

Outputs

Your management culture map

Personal Cultural Stop, Start, and Continue list

Now, Next, Later roadmap

Further reading

Enable Product Delivery – Executive Leadership Workshop

Strengthen product management in your organization through effective executive leadership by focusing on product teams, core capabilities, and proper alignment.

Objective of this workshop

To develop a common understanding and foundation for product management so we, as leaders, better understand how to lead product owners, product managers, and their teams.

Enable Product Delivery - Executive Leadership Workshop

Learn how enterprise agility can provide lasting value to the organization

Clarify your role in supporting your teams to deliver lasting value to stakeholders and customers

  1. Understanding Your Top Challenges
    • Define your challenges, goals, and opportunities Agile and product management will impact.
  2. Transitioning from Projects to Product-centric Delivery
    • Understand the shift from fixed delivery to continuous improvement and delivery of value.
  3. Enterprise Agility and the Value of Change
    • Organizations need to embrace change and leverage smaller delivery cycles.
  4. Defining Your "Products" and Product Management
    • Define products in your culture and how to empower product delivery teams.
  5. Connecting Product Management to Agile Practices
    • Use product ownership to drive increased ROI into your product delivery teams and lifecycles.
  6. Commit to Empowering Agile Product Teams
    • Define the actions and changes you must make for this transformation to be successful.

Your Product Transformation Journey

  1. Make the Case for Product Delivery
    • Align your organization with the practices to deliver what matters most
  2. Enable Product Delivery – Executive Workshop
    • One-day executive workshop – align and prepare your leadership
    • Audience: Senior executives and IT leadership.
      Size: 8-16 people
      Time: 6 hours
  3. Deliver on Your Digital Product Vision
    • Enhance product backlogs, roadmapping, and strategic alignment
    • Audience: Product Owners/Mangers
      Size: 10-20 people
      Time: 3-4 days
  4. Deliver Your Digital Products at Scale
    • Scale Product Families to Align Enterprise Goals
    • Audience: Product Owners/Mangers
      Size: 10-20 people
      Time: 3-4 days
  5. Mature and Scale Product Ownership
    • Align and mature your product owners
    • Audience: Product Owners/Mangers
      Size: 8-16 people
      Time: 2-4 days

Repeat workshops with different companies, operating units, departments, or teams as needed.

What is a workshop?

We WILL ENGAGE in discussions and activities:

  • Flexible, to accommodate the needs of the group.
  • Open forum for discussion and questions.
  • Share your knowledge, expertise, and experiences (roadblocks and success stories).
  • Everyone is part of the process.
  • Builds upon itself.

This workshop will NOT be:

  • A lecture or class.
  • A monologue that never ends.
  • Technical training.
  • A presentation.
  • Us making all the decisions.

Roles within the workshop

We each have a role to play to make our workshop successful!

Facilitators

  • Introduce the best practice framework used by Info-Tech.
  • Ask questions about processes, procedures, and assumptions.
  • Guide for the methodology.
  • Liaison for any other relevant Info-Tech research or services.

Participants

  • Contribute and speak out as much as needed.
  • Provide expertise on the current processes and technology.
  • Ask questions.
  • Provide feedback.
  • Collaborate and work together to produce solutions.

Understanding Your Top Challenges

  • Understanding Your Top Challenges
  • Transitioning From Projects to Product-Centric Delivery
  • Enterprise Agility and the Value of Change
  • Defining Your Products and Product Management
  • Connecting Product Management to Agile Practices
  • Commit to Empowering Agile Product Teams
  • Wrap-Up and Retrospective

Executive Summary

Your Challenge

  • Products are the lifeblood of an organization. They deliver the capabilities needed to deliver value to customers, internal users, and stakeholders.
  • The shift to becoming a product organization is intended to continually increase the value you provide to the broader organization as you grow and evolve.
  • You need to clearly convey the direction and strategy of your product portfolio to gain alignment, support, and funding from your organization.

Common Obstacles

  • IT organizations are traditionally organized to deliver initiatives in specific periods of time. This conflicts with product delivery, which continuously delivers value over the lifetime of a product.
  • Delivering multiple products together creates additional challenges because each product has its own pedigree, history, and goals.
  • Product owners struggle to prioritize changes to deliver product value. This creates a gap and conflict between product and enterprise goals.

Info-Tech's Approach

Info-Tech's approach will guide you through:

  • Understanding the top challenges driving your product initiative.
  • Improving your transitioning from projects to product-centric delivery.
  • Enhancing enterprise agility and the value of change.
  • Defining products and product management in your context.
  • Connecting product management to Agile practices.
  • Committing to empowering Agile Product teams.
This is an image of an Info-Tech Thought Map for Accelerate Your Transition to Product Delivery
This is an image of an Info-Tech Thought Map for Delier on your Digital Product Vision
This is an image of an Info-Tech Thought Map for Deliver Digital Products at Scale via Enterprise Product Families.
This is an image of an Info-Tech Thought Map for What We Mean by an Applcation Department Strategy.

What is driving your organization to become product focused?

30 minutes

  • Team introductions:
    • Share your name and role
    • What are the key challenges you are looking to solve around product management?
    • What blockers or challenges will we need to overcome?

Capture in the Enable Product Delivery – Executive Leadership Workshop Outcomes and Next Steps.

Input

  • Organizational knowledge
  • Goals and challenges

Output

  • List of key challenges
  • List of workshop expectations
  • Parking lot items

Transitioning From Projects to Product-Centric Delivery

  • Understanding Your Top Challenges
  • Transitioning From Projects to Product-Centric Delivery
  • Enterprise Agility and the Value of Change
  • Defining Your Products and Product Management
  • Connecting Product Management to Agile Practices
  • Commit to Empowering Agile Product Teams
  • Wrap-Up and Retrospective

Define the differences between projects and product delivery

30 minutes

  • Consider project delivery and product delivery.
  • Discussion:
    • What are some differences between the two?

Capture in the Enable Product Delivery – Executive Leadership Workshop Outcomes and Next Steps.

Input

  • Organizational knowledge
  • Internal terms and definitions

Output

  • List of differences between projects and product delivery

Define the differences between projects and product delivery

15 minutes

Project Delivery

vs

Product Delivery

Point in time

What is changed

Method of funding changes

Needs an owner

Input

  • Organizational knowledge
  • Internal terms and definitions

Output

  • List of differences between projects and product delivery

Capture in the Enable Product Delivery – Executive Leadership Workshop Outcomes and Next Steps.

Identify the differences between a project-centric and a product-centric organization

Project

Product

Fund Projects

Funding

Fund Products or Teams

Line of Business Sponsor

Prioritization

Product Owner

Makes Specific Changes
to a Product

Product Management

Improve Product Maturity
and Support

Assign People to Work

Work Allocation

Assign Work
to Product Teams

Project Manager Manages

Capacity Management

Team Manages Capacity

Info-Tech Insight

Product delivery requires significant shifts in the way you complete development work and deliver value to your users. Make the changes that support improving end user value and enterprise alignment.

Projects can be a mechanism for funding product changes and improvements

This is an image showing the relationship between the project lifecycle, a hybrid lifecycle, and a product lifecycle.

Projects within products

Regardless of whether you recognize yourself as a "product-based" or "project-based" shop, the same basic principles should apply.

You go through a period or periods of project-like development to build a version of an application or product.

You also have parallel services along with your project development, which encompass the more product-based view. These may range from basic support and maintenance to full-fledged strategy teams or services like sales and marketing.

While Agile and product are intertwined, they are not the same!

Delivering products does not necessarily require an Agile mindset. However, Agile methods help facilitate the journey because product thinking is baked into them.

This image shows the product delivery maturity process from waterfall to continuous integration and delivery.

Product roadmaps guide delivery and communicate your strategy

In Deliver on Your Digital Product Vision, we demonstrate how the product roadmap is core to value realization. The product roadmap is your communicated path, and as a product owner, you use it to align teams and changes to your defined goals while aligning your product to enterprise goals and strategy.

This is an image adapted from Pichler, What is Product Management.

Adapted from: Pichler, "What Is Product Management?"

Info-Tech Insight

The quality of your product backlog – and your ability to realize business value from your delivery pipeline – is directly related to the input, content, and prioritization of items in your product roadmap.

Build a Software Quality Assurance Program

  • Buy Link or Shortcode: {j2store}284|cart{/j2store}
  • member rating overall impact (scale of 10): 9.6/10 Overall Impact
  • member rating average dollars saved: $20,972 Average $ Saved
  • member rating average days saved: 14 Average Days Saved
  • Parent Category Name: Testing, Deployment & QA
  • Parent Category Link: /testing-deployment-and-qa
  • Today’s rapidly scaling and increasingly complex products create mounting pressure on delivery teams to release new systems and changes quickly and with sufficient quality.
  • Many organizations lack the critical capabilities and resources needed to satisfy their growing testing backlog, risking product success.

Our Advice

Critical Insight

  • Testing is often viewed as a support capability rather than an enabler of business growth. It receives focus and investment only when it becomes a visible problem.
  • The rise in security risks, aggressive performance standards, constantly evolving priorities, and misunderstood quality policies further complicate QA as it drives higher expectations for effective practices.
  • QA starts with good requirements. Tests are only as valuable as the requirements they are validating and verifying. Early QA improves the accuracy of downstream tests and reduces costs of fixing defects late in delivery.
  • Quality is an organization-wide accountability. Upstream work can have extensive ramifications if all roles are not accountable for the decisions they make.
  • Quality must account for both business and technical requirements. Valuable change delivery is cemented in a clear understanding of quality from both business and IT perspectives.

Impact and Result

  • Standardize your definition of a product. Come to an organizational agreement of what attributes define a high-quality product. Accommodate both business and IT perspectives in your definition.
  • Clarify the role of QA throughout your delivery pipeline. Indicate where and how QA is involved throughout product delivery. Instill quality-first thinking in each stage of your pipeline to catch defects and issues early.
  • Structure your test design, planning, execution, and communication practices to better support your quality definition and business and IT environments and priorities. Adopt QA good practices to ensure your tests satisfy your criteria for a high-quality and successful product.

Build a Software Quality Assurance Program Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should build a strong foundation for quality, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Define your QA process

Standardize your product quality definition and your QA roles, processes, and guidelines according to your business and IT priorities.

  • Build a Strong Foundation for Quality – Phase 1: Define Your QA Process
  • Test Strategy Template

2. Adopt QA good practices

Build a solid set of good practices to define your defect tolerances, recognize the appropriate test coverage, and communicate your test results.

  • Build a Strong Foundation for Quality – Phase 2: Adopt QA Good Practices
  • Test Plan Template
  • Test Case Template
[infographic]

Workshop: Build a Software Quality Assurance Program

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Define Your QA Process

The Purpose

Discuss your quality definition and how quality is interpreted from both business and IT perspectives.

Review your case for strengthening your QA practice.

Review the standardization of QA roles, processes, and guidelines in your organization.

Key Benefits Achieved

Grounded understanding of quality that is accepted across IT and between the business and IT.

Clear QA roles and responsibilities.

A repeatable QA process that is applicable across the delivery pipeline.

Activities

1.1 List your QA objectives and metrics.

1.2 Adopt your foundational QA process.

Outputs

Quality definition and QA objectives and metrics.

QA guiding principles, process, and roles and responsibilities.

2 Adopt QA Good Practices

The Purpose

Discuss the practices to reveal the sufficient degree of test coverage to meet your acceptance criteria, defect tolerance, and quality definition.

Review the technologies and tools to support the execution and reporting of your tests.

Key Benefits Achieved

QA practices aligned to industry good practices supporting your quality definition.

Defect tolerance and acceptance criteria defined against stakeholder priorities.

Identification of test scenarios to meet test coverage expectations.

Activities

2.1 Define your defect tolerance.

2.2 Model and prioritize your tests.

2.3 Develop and execute your QA activities.

2.4 Communicate your QA activities.

Outputs

Defect tolerance levels and courses of action.

List of test cases and scenarios that meet test coverage expectations.

Defined test types, environment and data requirements, and testing toolchain.

Test dashboard and communication flow.

Recruit and Retain More Women in IT

  • Buy Link or Shortcode: {j2store}575|cart{/j2store}
  • member rating overall impact (scale of 10): 9.3/10 Overall Impact
  • member rating average dollars saved: $14,532 Average $ Saved
  • member rating average days saved: 4 Average Days Saved
  • Parent Category Name: Attract & Select
  • Parent Category Link: /attract-and-select
  • While the number of jobs in IT has increased dramatically, the percentage of women in IT has progressed disproportionately, with only 25% of IT jobs being held by women (CIO from IDG, 2021).
  • The challenge is not a lack of talented women with the competencies to excel within IT, but rather organizations lack an effective strategy to recruit and retain women in IT.

Our Advice

Critical Insight

  • Retaining and attracting top women is good business, not personal. As per McKinsey Global Institute, “$4.3 trillion of additional annual GDP in 2025 could be added to the U.S. by fully bridging the gender gap.”
  • In the war on talent, having a strategy around how you will recruit & retain of women in IT is Marketing 101. What influences whether women apply for roles and stay at organizations is different than men; traditional models won’t cut it.

Impact and Result

To stay competitive, IT leaders need to radically change the way they recruit and retain talent, and women in IT represent one of the largest untapped markets for IT talent. CIOs need a targeted strategy to attract and retain the best, and this requires a shift in how leaders currently manage the talent lifecycle. Info-Tech offers a targeted solution that will help IT leaders:

  1. Build a Recruitment Playbook: Leverage Info-Tech tools to effectively sell to, search for, and secure top talent.
  2. Build a Retention Strategy: Follow Info-Tech’s step-by-step process to identify initiatives and opportunities to retain your top talent.

Recruit and Retain More Women in IT Research & Tools

Besides the small introduction, subscribers and consulting clients within this management domain have access to:

1. Recruit and Retain More Women in IT Deck – A step-by-step document that walks you through how to build a recruitment and retention plan for women in IT.

Create a targeted recruitment and retention strategy for women. Increase the number of viable candidates by leveraging best practices to sell to, search for, and secure top women in IT. Take a data-driven approach to improving retention of women by using best practices to measure and improve employee engagement.

  • Recruit and Retain More Women in IT – Phases 1-2

2. Employee Value Proposition Tools – Build and road-test your employee value proposition to ensure that it is aligned, clear, compelling, and differentiated.

These tools tap into best practices to help you collect the information you need to build, assess, test, and adopt an employee value proposition.

  • Employee Value Proposition (EVP) Interview Guide
  • Employee Value Proposition (EVP) Scorecard
  • Employee Value Proposition (EVP) Internal Scorecard Handout

3. IT Behavioral Interview Question Library – A complete list of sample questions aligned with core, leadership, and IT competencies.

Don’t hire by intuition, consider leveraging behavioral interview questions to reduce bias and uncover candidates that will be able to execute on the job.

  • IT Behavioral Interview Question Library

4. Stay Interview Guide – Use this tool to guide one-on-one conversations with your team members to monitor employee engagement between surveys.

Stay interviews are an effective method for monitoring employee engagement. Have these informal conversations to gain insight into what your employees really think about their jobs, what causes them to stay, and what may lead them to leave.

  • Stay Interview Guide

Infographic

Workshop: Recruit and Retain More Women in IT

Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

1 Make the Case for Strategically Recruiting and Retaining Women in IT

The Purpose

Identify the need for a targeted strategy to recruit and retain women in IT and pinpoint your largest opportunities to drive diversity in your IT team.

Key Benefits Achieved

Establish goals and targets for the changes to be made to your IT recruitment and retention strategies.

Activities

1.1 Understand trends in IT staffing.

1.2 Assess your talent lifecycle challenges and opportunities.

1.3 Make the case for changes to recruitment and retention strategies.

Outputs

Recruitment & Retention Metrics Report

Business Case for Recruitment and Retention Changes

2 Develop Strategies to Sell Your Organization to Wider Candidate Pool

The Purpose

The way you position the organization impacts who is likely to apply to posted positions. Ensure you are putting a competitive foot forward by developing a unique, meaningful, and aspirational employee value proposition and clear job descriptions.

Key Benefits Achieved

Implement effective strategies to drive more applications to your job postings.

Activities

2.1 Develop an IT employee value proposition.

2.2 Adopt your employee value proposition.

2.3 Write meaningful job postings.

Outputs

Employee Value Proposition

EVP Marketing Plan

Revised Job Ads

3 Expand Your Talent Sourcing Strategy

The Purpose

Sourcing shouldn’t start with an open position, it should start with identifying an anticipated need and then building and nurturing a talent pipeline.

IT participation in this is critical to effectively promote the employee experience and foster relationships before candidates even apply.

Key Benefits Achieved

Develop a modern job requisition form though role analysis.

Increase your candidate pool by expanding sourcing programs.

Activities

3.1 Build realistic job requisition forms.

3.2 Identify new alternative sourcing approaches for talent.

3.3 Build a sourcing strategy.

Outputs

Job requisition form for key roles

Sourcing strategy for key roles

4 Secure Top Talent

The Purpose

Work with your HR department to influence the recruitment process by taking a data-driven approach to understanding the root cause of applicant drop-off and success and take corrective actions.

Key Benefits Achieved

Optimize your selection process.

Implement non-bias interview techniques in your selection process.

Activities

4.1 Assess key selection challenges.

4.2 Implement behavioral interview techniques.

Outputs

Root-Cause Analysis of Section Challenges

Behavioral Interview Guide

5 Retain Top Women in IT

The Purpose

Employee engagement is one of the greatest predictors of intention to stay.

To retain employees you need to understand not only engagement, but also your employee experience and the moments that matter, and actively work to create positive experience.

Key Benefits Achieved

Identify opportunities to drive engagement across your IT organization.

Implement tactical programs to reduce turnover in IT.

Activities

5.1 Measure employee engagement and review results.

5.2 Identify new alternative sourcing approaches for talent.

5.3 Train managers to conduct stay interviews and drive employee engagement.

Outputs

Identified Employee Engagement Action Plan

Action Plan to Execute Stay Interviews

Further reading

Recruit and Retain More Women in IT

Gender diversity is directly correlated to IT performance.

EXECUTIVE BRIEF

Executive Summary

Your Challenge

Technology has never been more important to organizations, and as a result, recruiting and retaining quality IT employees is increasingly difficult.

  • IT unemployment rates continue to hover below 2% in the US.
  • The IT talent market has evolved into one where the employer is the seller and the employee is the buyer.

Common Obstacles

  • While the number of jobs in IT has increased dramatically, the percentage of women in IT has progressed disproportionately, with only 25% of IT jobs being held by women.*
  • The challenge is not a lack of talented women with the competencies to excel within IT, but rather organizations lack an effective strategy to recruit and retain women in IT.

Info-Tech’s Approach

To stay competitive, IT leaders need to radically change the way they recruit and retain talent, and women in IT represent one of the largest untapped markets. CIOs need a targeted strategy to attract and retain the best, and this requires a shift in how leaders currently manage the talent lifecycle. Info-Tech offers a targeted solution to help:

  • Build a Recruitment Playbook: Leverage Info-Tech tools to effectively sell to, search for, and secure top talent.
  • Build a Retention Strategy: Follow Info-Tech’s step-by-step process to identify initiatives and opportunities to retain your top talent.

Info-Tech Insight

Retaining and attracting top women is good business, not personal. Companies with greater gender diversity on executive teams were 25% more likely to have above-average profitability.1 In the war on talent, having a strategy around how you will recruit and retain women in IT is Marketing 101. What influences whether women apply for roles and stay at organizations is different than men; traditional models won’t cut it.

*– McKinsey & Company, 2020; 2 – CIO From IDG, 2021
The image contains a screenshot of a thought model titled: Recruit and Retain More Women in IT. Its subheading is: Gender Diversity is Directly Correlated to IT Performance. The thought model lists critical methods to recruit and retain, and also a traditional method to compare.

Diversity & inclusion – it’s good business, not personal

Why should organizations care about diversity?

  1. The war for talent is real. Every CIO needs a plan of attack. Unemployment rates are dropping and 54% of CIOs report that the skills shortage is holding them up from meeting their strategic objectives.
  2. Source: Harvey Nash and KPMG, 2020
  3. Diversity has clear ROI – both in terms of recruitment and retention. Eighty percent of technology managers experienced increased turnover in 2021. Not only are employee tenures decreasing, the competition for talent is fierce and the average cost of turnover is 150% of an IT worker’s salary.
  4. Source: Robert Half, 2021
  5. Inability to recruit and retain talent will reduce business satisfaction. Organizations who are continuously losing talent will be unable to meet corporate objectives due to lost productivity, keeping them in firefighting mode. An engaged workforce is a requirement for driving innovation and project success.

ISACA’s 2020 study shows a disconnect between what men and women think is being done to recruit and retain female employees

Key findings from ISACA’s 2020 Tech Workforce survey

65% of men think their employers have a program to encourage hiring women. But only 51% of women agree.

71% of men believe their employers have a program to encourage the promotion or advancement of women. But only 59% of women agree.

49% of women compared to 44% of men in the survey feel they must work harder than their peers.

22% of women compared to 14% of men feel they are underpaid.

66% of women compared to 72% of men feel they are receiving sufficient resources to sustain their career.

30% of women compared to 23% of men feel they have unequal growth opportunities.

74% of women compared to 64% of men feel they lack confidence to negotiate their salaries.

To see ISACA’s full report click here.
The image contains a screenshot of a multi bar graph to demonstrate the percentage of female employees in the workforce of major tech companies. The major tech companies include: Amazon, Facebook, Apple, Google, and Microsoft.
Image: Statista, 2021, CC BY-ND 4.0

The chart to the left, compiled by Statista, (based on self-reported company figures) shows that women held between 23% to 25% of the tech jobs at major tech companies.

Women are also underrepresented in leadership positions: 34% at Facebook, 31% at Apple, 29% at Amazon, 28% at Google, and 26% at Microsoft.

(Statista, 2021)

To help support women in tech, 78% of women say companies should promote more women into leadership positions. Other solutions include:

  • Providing mentorship opportunities (72%)
  • Offering flexible scheduling (64%)
  • Conducting unconscious bias training (57%)
  • Offering equal maternity and paternity leave (55%)
  • (HRD America, 2021)

Traditional retention initiatives target the majority – the drivers that impact the retention of women in IT are different

Ranked correlation of impact of engagement drivers on retention

The image contains a screenshot that demonstrates the differences in retaining men and women in IT.

* Recent data stays consistent, but, the importance of compensation and recognition in retaining women in IT is increasing.

Info-Tech Research Group Employee Engagement Diagnostic; N=1,856 IT employees

The majority of organizations take a one-size-fits-all approach to retaining and engaging employees.

However, studies show that women are leaving IT in significantly higher proportions than men and that the drivers impacting men’s and women’s retention are different. Knowing how men and women react differently to engagement drivers will help you create a targeted retention strategy.

In particular, to increase the retention and engagement of women, organizations should develop targeted initiatives that focus on:

  • Organizational culture
  • Employee empowerment
  • Manager relationships

Why organizations need to focus on the recruitment and retention of women in IT

  1. Women expand the talent pool. Women represent a vast, untapped talent pool that can bolster the technical workforce. Unfortunately, traditional IT recruitment processes are targeted toward a limited IT profile – the key to closing the IT skills gap is to look for agile learners and expand your search criteria to cast a larger net.
  2. Diversity increases innovation opportunities. Groups with greater diversity solve complex problems better and faster than homogenous groups, and the presence of women is more likely to increase the problem-solving and creative abilities of the group.
  3. Women increase your ROI. Research shows that companies with the highest representation of women in their management teams have a 34% higher return on investment than those with few or no women. Further, organizations who are unable to retain top women in their organization are at risk for not being able to deliver to SLAs or project expectations and lose the institutional knowledge needed for continuous improvement.
  4. Source: Bureau of Labour Statistics; Info-Tech Research Group/McLean & Company Analysis

Improving the representation of women in your organization requires rethinking recruitment and retention strategies

SIGNS YOU MAY NEED A TARGETED RECRUITMENT STRATEGY…

SIGNS YOU MAY NEED A TARGETED RETENTION STRATEGY…

  • “It takes longer than 8 weeks to fill a posted IT position.”
  • “Less than 35% of applicants to posted positions are women.”
  • “In the last year the number of applicants to posted positions has decreased.”
  • “The number of female employees who have referred employees in the last year is significantly lower than men in the department.”
  • “Less than 35% of your IT workforce is made up of women.”
  • “Proportionally women decline IT roles in higher rates than men in IT.”
  • “Voluntary turnover of high performers and high potentials is above 5%.”
  • “Turnover of women in IT is disproportionate to the percentage of IT staff.”
  • “Employee rankings of the IT department on social networking sites (e.g. Glassdoor) are low.”
  • “Employees are frequently absent from their jobs.”
  • “Less than 25% of management roles in IT are filled by women.”
  • “Employee engagement scores are lower among women than men.”

Info-Tech’s approach to improving gender diversity at your organization

Info-Tech takes a practical, tactical approach to improving gender diversity at organizations, which starts with straightforward tactics that will help you improve the recruitment and retention of women in your organization.

How we can help

  1. Leverage Info-Tech’s tools to define your current challenges and opportunities for gender diversity to improve your recruitment and retention issues.
  2. Employ straightforward and tested tactics to increase talent acquisition of women in IT by optimizing how you sell to, search for, and secure top female talent.
  3. Take a data-driven approach to measure and increase the retention and engagement of women within your IT organization, and know how and when to involve your staff for optimal results.

Leverage Info-Tech’s customizable deliverables to improve the recruitment and retention of women in your organization

RECRUIT Top Women in IT

If you don’t have a targeted recruitment strategy for women, you are missing out on 50% of the candidate pool. Increase the number of viable candidates by leveraging best practices to sell to, search for, and secure top women in IT.

Key metrics to track:

  • Average number of female candidates per posting
  • Average time to fill position
  • Percentage of new hires still at the organization one year later

RETAIN Top Women in IT

The drivers that impact the retention of men and women are different. Take a data-driven approach to improving retention of women in your organization by using best practices to measure and improve employee engagement.

Key metrics to track:

  • Voluntary turnover rates of men and women
  • Average tenure of men and women
  • Percentage of internal promotions going to men and women
  • Employee engagement scores

Info-Tech’s methodology for Recruit and Retain More Women in IT

1. Enhance Your Recruitment Strategies

2. Enhance Your Retention Strategies

Phase Steps

  1. Sell:
  • Develop an attractive employee value proposition.
  • Understand the impact of language on applicants.
  • Search:
    • Define meaningful job requirements
    • Evaluate various sourcing pools.
  • Secure:
    • Improve the interview experience.
    • Leverage behavioral interview questions to limit bias.
    1. Drive engagement in key areas correlated with driving higher retention of women in IT.
    2. Train managers to understand key moments that matter in the employee experience.
    3. Understand what motivates key performers to stay at your organization.

    Phase Outcomes

    Recruitment Optimization Plan

    Retention Optimization Plan

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our teams knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization. A typical GI is 6 calls over the course of 1 to 2 months.

    1. Tactics to Recruit More Women in IT

    Call #1: Develop a strategy to better sell your organization to diverse candidates.

    Call #2: Evaluate your candidate search practices to reach a wider audience.

    Call #3: Introduce best practices in your interviews to improve the candidate experience and limit bias.

    2. Tactics to Retain More Women in IT

    Call #4: Launch focus groups to improve performance of key retention drivers.

    Call #5: Measure the employee experience and identify key moments that matter to staff.

    Call #6: Conduct stay interviews and establish actions to improve retention.

    Workshop Overview

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    Day 1

    Day 2

    Day 3

    Day 4

    Day 5

    Make the Case

    Develop Strategies to Sell to a Wider Candidate Pool

    Expand Your Talent Sourcing Strategy

    Secure & Retain Top Talent

    Next Steps and Wrap-Up (offsite)

    Activities

    1.1 Understand trends in IT staffing.

    1.2 Assess your talent lifecycle.

    1.3 Make the case for changes to recruitment and retention strategies.

    2.1 Develop an IT employee value proposition (EVP).

    2.2 Adopt your employee value proposition.

    2.3 Write meaningful job postings.

    3.1 Build realistic job requisition forms.

    3.2 Identify new alternative sourcing approaches for talent.

    3.3 Build a sourcing strategy.

    4.1 Assess key selection challenges.

    4.2 Implement behavioral interview techniques.

    4.3 Measure employee engagement and review results.

    4.4 Develop programs to improve employee engagement.

    4.5 Train managers to conduct stay interviews and drive employee engagement.

    5.1 Complete in-progress deliverables from previous four days.

    5.2 Set up review time for workshop deliverables and to discuss next steps.

    Deliverables

    1. Recruitment & retention metrics report
    2. Business case for recruitment and retention changes
    1. Employee Value Proposition
    2. EVP marketing plan
    3. Revised job ads
    1. Job requisition form for key roles
    2. Sourcing strategy for key roles
    1. Root-cause analysis of section challenges
    2. Behavioral interview guide
    3. Identified employee engagement action plan
    4. Action plan to execute stay interviews
    1. Completed recruitment optimization plan
    2. Completed retention optimization plan

    Phase 1

    Enhance Your Recruitment Strategies

    Phase 1

    • 1.1 Sell
    • 1.2 Search
    • 1.3 Secure

    Phase 2

    • 2.1 Engagement
    • 2.2 Employee Experience
    • 2.3 Stay Interviews

    Consider key factors within the recruitment process

    Key Talent Pipeline Opportunities:

    • In today’s talent landscape IT leaders need to be highly strategic about how they recruit new talent to the organization.
    • IT professionals have a huge number of options to choose from when considering their next career.
    • IT leaders need to actively market and expand their search to attract top talent. The “where” and “how” to recruit men and women in IT are different and your strategy should reflect this.
    • Partnering with your HR department to help you improve the number of applicants, expand your search criteria, and optimize the interview experience will all directly impact your talent pipeline.
    1. Sell
    2. How do you position the value of working for your organization and roles in a meaningful way?

    3. Search
    4. How can you expand your key search criteria and sourcing strategies to reach more candidates?

    5. Secure
    6. How can you reduce bias in your interview process and create positive candidate experiences?

    Info-Tech’s Sell-Search-Secure recruitment model

    Follow these steps to increase your pool of female candidates.

    1. Sell Tactics:
    2. 1. Develop an employee value proposition that will attract female candidates.

      2. Understand how your job postings may be deterring female candidates.

    3. Search Tactics:
    4. 3. Identify opportunities to expand your role analysis for job requisitions.

      4. Increase your candidate pool by expanding sourcing programs.

    5. Secure Tactics:
    6. 5. Identify tactics to improve women’s interview experience.

      6. Leverage behavioral interview questions to limit bias in interviews.

    Please note, this section is not a replacement or a full talent strategy. Rather, this blueprint will highlight key tactics within talent acquisition practices that the IT leadership team can help to influence to drive greater diversity in recruitment.

    Understand where leaks exist in your talent pipeline

    Start your recruitment enhancement here.

    Work with your HR department to track critical metrics around where you need to make improvements and where you can partner with your recruitment team to improve your recruitment process and build a more diverse pipeline. Identify where you have significant drops or variation in diversity or overall need and select where you’d like to focus your recruitment improvement efforts.

    Selection Process Step

    Sample Metrics to Track

    Sell

    Average time to fill a vacant position

    Average number of applicants for posted positions

    Total # of Candidates; # of Male Candidates (% of total);

    # of Female Candidates (% of total); % Difference Male & Female

    Number of page visits vs. applications for posted positions

    Total # of Candidates

    # of Male Candidates

    % of total

    # of Female Candidates

    % of total

    % Difference Male & Female

    Search

    Number of applicants coming from your different sourcing channels (one line per sourcing channel: LinkedIn Group A, website, job boards, specific events, etc.)

    Number of applicants coming from referrals

    Secure

    Number of applicants meeting qualifications

    Number of applicants selected for second interview

    Number of applicants rejecting an offer

    Number of applicants accepting an offer

    Number of employees retained for one year

    Enhance your recruitment strategies

    The way you position the organization impacts who is likely to apply to posted positions. Ensure you are putting a competitive foot forward by developing a unique, meaningful, and aspirational employee value proposition and clear job descriptions.

    Sell the organization

    What is an employee value proposition?

    An employee value proposition (EVP) is a unique and clearly defined set of attributes and benefits that capture an employee’s overall work experience within an organization. An EVP is your opportunity to showcase the unique benefits and opportunities of working at your organization, allowing you to attract a wider pool of candidates.

    How is an employee value proposition used?

    Your EVP should be used internally and externally to promote the unique benefits of working within the department. As a recruiting tool, you can use it to attract candidates, highlighting the benefits of working for your organization. The EVP is often highlighted where you are most likely to reach your target audience, whether that is through social media, in-person events, or in other advertising activities.

    Why tailor this to multiple audiences?

    While your employee value proposition should remain constant in terms of the unique benefits of working for your organization, you want to ensure that the EVP appeals to multiple audiences and that it is backed up by relevant stories that support how your organization lives your EVP every day. Candidates need to be able to relate to the EVP and see it as desirable, so ensuring that it is relatable to a diverse audience is key.

    Develop a strong employee value proposition

    Three key steps

    The image contains a cycle to demonstrate the three key steps. The steps are: Build and Assess the EVP, Test the EVP, and Adopt the EVP.

    1. Build and Assess the EVP

    Assess your existing employee value proposition and/or build a forward-looking, meaningful, authentic, aspirational EVP.

    2. Test the EVP

    Gather feedback from staff to ensure the EVP is meaningful internally and externally.

    3. Adopt the EVP

    Identify how and where you will leverage the EVP internally and externally, and integrate the EVP into your candidate experience, job ads, and employee engagement initiatives.

    As you build your EVP, keep in mind that while it’s important to brand your IT organization as an inclusive workplace to help you attract diverse candidates, be honest about your current level of diversity and your intentions to improve. Otherwise, new recruits will be disappointed and leave.

    What is an employee value proposition?

    And what are the key components?

    The employee value proposition is your opportunity to showcase the unique benefits and opportunities of working at your organization, allowing you to attract a wider pool of candidates.

    AN EMPLOYEE VALUE PROPOSITION IS:

    AN EMPLOYEE VALUE PROPOSITION IS NOT:

    • An authentic representation of the employee experience
    • Aligned with organizational culture
    • Fundamental to all stages of the employee lifecycle
    • A guide to help investment in programs and policies
    • Short and succinct
    • What the employee can do for you
    • A list of programs and policies
    • An annual project

    THE FOUR KEY COMPONENTS OF AN EMPLOYEE VALUE PROPOSITION

    Rewards

    Organizational Elements

    Working Conditions

    Day-to-Day Job Elements

    • Compensation
    • Health Benefits
    • Retirement Benefits
    • Vacation
    • Culture
    • Customer Focus
    • Organization Potential
    • Department Relationships
    • Senior Management Relationships
    • Work/Life Balance
    • Working Environment
    • Employee Empowerment
    • Development
    • Rewards & Recognition
    • Co-Worker Relationships
    • Manager Relationships

    Creating a compelling EVP that presents a picture of your employee experience, with a focus on diversity, will attract females to your team. This can lead to many internal and external benefits for your organization.

    Collect relevant information

    Existing Employee Value Proposition: If your organization or IT department has an existing employee value proposition, rather than starting from scratch, we recommend leveraging that and moving to the testing phase to see if the EVP still resonates with staff and external parties.

    Employee Engagement Results: If your organization does an employee engagement survey, review the results to identify the areas in which the IT organization is performing well. Identify and document any key comment themes in the report around why employees enjoy working for the organization or what makes your IT department a great place to work.

    Social Media Sites. Prepare for the good, the bad, and the ugly. Social media websites like Glassdoor and Indeed make it easier for employees to share their experiences at an organization honestly and candidly. While postings on these sites won’t relate exclusively to the IT department, they do invite participants to identify their department in the organization. You can search these to identify any positive things people are saying about working for the organization and potentially opportunities for improvement (which you can use as a starting point in the retention section of this report).

    Step 1.1

    Sell – Assess the current state and develop your employee value proposition

    Activities

    1.1.1 Gather feedback on unique benefits

    1.1.2 Build key messages

    1.1.3 Test your EVP

    1.1.4 Adopt your EVP

    1.1.5 Review job postings for gender bias

    1.1.1 Gather feedback

    1. Hold a series of focus groups with employees to understand what about the organization attracted them to join and to stay at the organization.
    2. Start by identifying if you will interview all employees or a subset. If you are going to use a subset, ensure you have at least one male and one female participating from each team and representation of all levels within the department.
    3. Print the EVP Interview Guide to focus your conversation, and ask each individual to take 15 minutes and respond to questions 1-3 in the Guide:
    4. Draw a quadrant on the board and mark each quadrant with four categories: Day-to-Day Elements, Organizational Elements, Compensation & Benefits, and Working Conditions. Provide each participant with sticky notes and ask them to brainstorm the top five things they value most about working at the organization. Ask them to place each sticky in the appropriate category and identify any key themes.
    5. Ask participants to hand in their EVP Interview Guides and document all of the key findings.

    Input

    Output

    • Employee opinions
    • Employee responses to four EVP components
    • Content for EVP

    Materials

    Participants

    • EVP Interview Guide handout
    • Pen and paper for documenting responses
    • Male and female employees
    • Different departments
    • Different role levels

    Download the EVP Interview Guide

    1.1.2 Build key messages

    1. Collect all of the information from the various focus groups and begin to build out the employee value proposition statements.
    2. Identify the key elements that staff felt were unique and highly valued by employees and group these into common themes.
    3. Identify categories that related to one of the five key drivers* of women’s retention in IT and highlight any key elements related to these:
    • Culture: The degree to which an employee identifies with the beliefs, values, and attitudes of the organization.
    • Company Potential: An employee’s understanding, commitment, and excitement about the organization’s mission and future.
    • Employee Empowerment: The degree to which employees have accountability and control over their work within a supported environment.
    • Learning and Development: A cooperative and continuous effort to enhance an employee’s skill set and expertise and meet an employee’s career objectives.
    • Manager Relationships: The professional and personal relationship an employee has with their manager, including trust, support, and development.
  • Identify up to four key statements to focus on for the EVP, ensuring that your EVP speaks to at least one of the five categories above.
  • Integrate these into one overall statement.
  • *See Engagement Driver Handout slides for more details on these five drivers.

    Input

    Output

    • Feedback from focus groups
    • EVP and supporting statements

    Materials

    Participants

    • EVP Interview Guide handout
    • Pen and paper for documenting responses
    • IT leadership team

    Quality test your revised EVP

    Use Info-Tech’s EVP Scorecard.

    Internally and Externally

    Use the EVP Scorecard and EVP Scorecard Handout throughout this step to assess your EVP against:

    Internal Criteria:

    • Accuracy
    • Alignment
    • Aspirational
    • Differentiation

    External Criteria:

    • Clear
    • Compelling
    • Concise
    • Differentiation
    The image contains screenshots of Info-Tech's EVP Scorecard.

    Ensure your EVP resonates with employees and prospects

    Test your EVP with internal and external audiences.

    INTERNAL TEST REVOLVES AROUND THE 3A’s

    EXTERNAL TEST REVOLVES AROUND THE 3C’s

    ALIGNED: The EVP is in line with the organization’s purpose, vision, values, and processes. Ensure policies and programs are aligned with the organization’s EVP.

    CLEAR: The EVP is straightforward, simple, and easy to understand. Without a clear message in the market, even the best intentioned EVPs can be lost in confusion.

    ACCURATE: The EVP is clear and compelling, supported by proof points. It captures the true employee experience, which matches the organization’s communication and message in the market.

    COMPELLING: The EVP emphasizes the value created for employees and is a strong motivator to join this organization. A strong EVP will be effective in drawing in external candidates. The message will resonate with them and attract them to your organization.

    ASPIRATIONAL: The EVP inspires both individuals and the IT organization as a whole. Identify and invest in the areas that are sure to generate the highest returns for employees.

    COMPREHENSIVE: The EVP provides enough information for the potential employee to understand the true employee experience and to self-assess whether they are a good fit for your organization. If the EVP lacks depth, the potential employee may have a hard time understanding the benefits and rewards of working for your organization.

    1.1.3 Test your EVP

    1. Identify the internal and external individuals who you want to gather feedback from about the EVP.
    2. For internal candidates, send a copy of the EVP and ask them to complete the Internal Assessment (ensure that you have at least 50% representation of women).
    3. For external candidates, identify first how you will reach out to them; popular options are to have team members in key roles reach out to members of their LinkedIn network who are in similar roles to themselves. Request that they look for a diverse group to gather feedback from.
    4. Have the external candidates complete the External Assessment.
    5. Collect the feedback around the EVP and enter the findings into the EVP Scorecard Tool.
    6. If you are dissatisfied with the scorecard results, go back to the employees you interviewed to ask for additional feedback, focusing on the areas that scored low.
    7. Incorporate the feedback and present the revised EVP to see if the changes resonate with stakeholders.
    8. If you are satisfied with the results, present to the leadership and HR teams for agreement and proceed to adopting the EVP in your organization.

    Input

    Output

    • Internal assessment
    • External assessment
    • Finalized EVP

    Materials

    Participants

    • EVP Internal Assessmentt
    • EVP External Assessment
    • Internal staff members
    • External IT professionals

    1.1.4 Adopt your EVP

    Identify your target audience and marketing channels.

    1. Identify the internal and external individuals who you want to gather feedback from about the EVP.
    • The target audience for your employee value proposition
    • Internal and/or external
    • Local, national, international
    • Experience
    • Applicant pool (e.g. new graduates, professionals, internship)
  • For each target audience, identify where you want to reach them with your employee value proposition.
    • Internal: Town hall meetings, fireside chats
    • External: Social media, advertising, job postings
    • Global: Professional affiliations, head hunters
  • For each target audience, build the communication strategy and identify messaging, mediums, timeline, and task ownership.
  • Input

    Output

    • Employee value proposition
    • EVP plan

    Materials

    Participants

    • Pen and paper
    • EVP participants

    Case Study

    INDUSTRY: Restaurant

    SOURCE: McDonald’s Careers, Canadian Business via McLean & Company

    McDonald’s saw a divide between employee experience and its vision. McDonald’s set out to reinvent its employer image and create the reputation it wanted.

    Challenge

    • Historically, McDonald’s has had a challenging employer brand. Founded on the goal of cost effectiveness, a “McJob” was often associated with lower pay and a poor reputation.
    • McDonald’s reached out to employees using a global survey and asked, “What is it you love most about working at McDonald’s?”

    Solution

    • McDonald’s revaluated its employer brand by creating an EVP focused on the three F’s.
    1. Future – career growth and development opportunities
    2. Flexibility – flexible working hours and job variety
    3. Family & Friends – a people-centric work culture

    Results

    • As a result of developing and promoting its EVP internally, McDonald’s has experienced higher engagement and a steady decrease in turnover.
    • Externally, McDonald’s has been recognized numerous times by the Great Place to Work Institute and has been classified by Maclean’s magazine as one of Canada’s top 50 employers for 13 years running.

    Make your job descriptions more attractive to female applicants

    10 WAYS TO REMOVE GENDER BIAS FROM JOB DESCRIPTIONS – GLASSDOOR – AN EXCERPT

    1. USE GENDER-NEUTRAL TITLES: Male-oriented titles can inadvertently prevent women from clicking on your job in a list of search results. Avoid including words in your titles like “hacker,” “rockstar,” “superhero,” “guru,” and “ninja,” and use neutral, descriptive titles like “engineer,” “project manager,” or “developer.
    2. CHECK PRONOUNS: When describing the tasks of the ideal candidate, use “they” or “you.” Example: “As Product Manager for XYZ, you will be responsible for setting the product vision and strategy.
    3. AVOID (OR BALANCE) YOUR USE OF GENDER-CHARGED WORDS: Analysis from language tool Textio found that the gender language bias in your job posting predicts the gender of the person you’re going to hire. Use a tool like Textio tool or the free Gender Decoder to identify problem spots in your word choices. Examples: “Analyze” and “determine” are typically associated with male traits, while “collaborate” and “support” are considered female. Avoid aggressive language like “crush it.
    4. AVOID SUPERLATIVES: Excessive use of superlatives such as “expert,” “superior,” and “world class” can turn off female candidates who are more collaborative than competitive in nature. Research also shows that women are less likely than men to brag about their accomplishments. In addition, superlatives related to a candidate’s background can limit the pool of female applicants because there may be very few females currently in leading positions at “world-class” firms
    5. LIMIT THE NUMBER OF REQUIREMENTS: Identify which requirements are “nice to have” versus “must have,” and eliminate the “nice to haves.” Research shows that women are unlikely to apply for a position unless they meet 100 percent of the requirements, while men will apply if they meet 60 percent of the requirements.

    For the full article please click here.

    1.1.5 Review job postings

    To understand potential gender bias

    1. Select a job posting that you are looking to fill, review the descriptions, and identify if any of the following apply:
    • Are the titles gender neutral? This doesn’t mean you can’t be creative in your naming, but consider if the name really represents the role you are looking to fill.
    • Do you use pronouns? If there are instances where the posting says “he” OR “she” change this to “they” or “you.”
    • Are you overusing superlatives? Review the posting and ensure that when words like “expert” or “world class” are used that you genuinely need someone who is at that level.
    • Are all of the tasks/responsibilities listed the ones that are absolutely essential to the job? Women are less likely to apply if they don’t have direct experience with 100% of the criteria – if it’s a non-essential, consider whether it’s needed in the posting.
    • Is there any organization-specific jargon used? Where possible, avoid using organization-specific jargon in order to create an inclusive posting. Avoid using terms/acronyms that are only known to your organization.
  • Select four to six members of your staff, both male and female, and have them highlight within the job posting what elements appeal to them and what elements do not appeal to them or would concern them about the job.
  • Review the feedback from staff, and identify potential opportunities to reduce bias within the posting.
  • Input

    Output

    • Job posting
    • Updated job posting

    Materials

    Participants

    • Pen and paper
    • IT staff members

    Case Study

    INDUSTRY: Social Media

    SOURCE: Buffer Open blog

    When the social media platform Buffer replaced one word in a job posting, it noticed an increase in female candidates.

    Challenge

    For the social media platform Buffer, all employees were called “hackers.” It had front-end hackers, back-end hackers, Android hackers, iOS hackers, and traction hackers.

    As the company began to grow and ramp up hiring, the Chief Technology Officer, Sunil Sadasivan, noticed that Buffer was seeing a very low percentage of female candidates for these “hacker” jobs.

    In researching the challenge in lack of female candidates, the Buffer team discovered that the word “hacker” may be just the reason why.

    Solution

    Understanding that wording has a strong impact on the type of candidates applying to work for Buffer started a great and important conversation on the Buffer team.

    Buffer wanted to be as inviting as possible in job listings, especially because it hires for culture fit over technical skill.

    Buffer went through a number of wording choices that could replace “hacker,” and ended on the term “developer.” All external roles were updated to reflect this wording change.

    Results

    By making this slight change to the wording used in their jobs, Buffer went from seeing a less than 2% female representation of applicants for developer jobs to around 12% female representation for the same job.

    Step 1.2

    Search – Reach more candidates by expanding key search criteria and sourcing strategies

    Activities

    1.2.1 Complete role analysis

    1.2.2 Expand your sourcing pools

    Enhance your recruitment strategies

    Sourcing shouldn’t start with an open position; it should start with identifying an anticipated need and building and nurturing a talent pipeline. IT participation in this is critical to effectively promote the employee experience and foster relationships before candidates even apply.

    Expand your search

    What is a candidate sourcing program?

    A candidate sourcing program is one element of the overall HR sourcing approach, which consists of the overall process (steps to source talent), the people responsible for sourcing, and the programs (internal talent mobility, social media, employee referral, alumni network, campus recruitment, etc.).

    What is a sourcing role analysis?

    Part of the sourcing plan will outline how to identify talent for a role, which includes both the role analysis and the market assessment. The market assessment is normally completed by the HR department and consists of analyzing the market conditions as they relate to specific talent needs. The role analysis looks at what is necessary to be successful in a role, including competencies, education, background experience, etc.

    How will this enable you to attract female candidates?

    Expanding your sourcing programs and supporting deeper role analysis will allow your HR department to reach a larger candidate pool and better understand the type of talent that will be successful in roles within your organization. By expanding from traditional pools and criteria you will open the organization up to a wider variety of talent options.

    Minimize bias in sourcing to hire the right talent and protect against risk

    Failure to take an inclusive approach to sourcing will limit your talent pool by sidelining entire groups or discouraging applicants from diverse backgrounds. Address bias in sourcing so that diverse candidates are not excluded from the start. Solutions such as removing biographical data from CVs prior to interviews may reduce bias, but they may come too late to impact diversity.

    Potential areas of bias in sourcing:

    Modifications to reduce bias:

    Intake Session

    • Describing a specific employee when identifying what it takes to be successful in the role. This may include attributes that do not actually promote success (e.g. school or program) but will decrease diversity of thought.
    • Hiring managers display a “like me” bias where they describe a successful candidate as similar to themselves.
    • Focus on competencies for the role rather than attributes of current employees or skills. Technology is changing rapidly – look for people who have demonstrated a capability over a specific skill.

    Sourcing Pools

    • Blindly hunting or sourcing individuals from a few sources, assuming that these sources are always better than others (e.g. Ivy League schools always produce the best candidates).
    • Expand sources. Don’t exclude diverse sources because they’re not popular.
    • Objectively measure source effectiveness to address underlying assumptions.

    1.2.1 Role analysis

    Customize a sourcing plan for key roles to guide talent pipeline creation.

    1. Complete a role analysis to understand key role requirements. If you are hiring for an existing role, start by taking an inventory of who your top and low performers are within the role today.
    2. Consider your top performers and identify what a successful employee can do better than a less successful one. Start by considering their alignment with job requirements, and identify the education, designations/certifications, and experiences that are necessary for this job. Do not limit yourself; carefully consider if the requirements you are including are actually necessary or just nice to have.
    3. Required Entry Criteria

      Preferred Entry Criteria

      Education

      • University Degree – Bachelors
      • University Degree – Masters

      Experience

      • 5+) years design, or related, experience
      • Experience leading a team
      • External consulting experience
      • Healthcare industry experience

      Designations/Certifications

      • ITIL Foundations
    4. Review Info-Tech’s Job Competency Library in the Workforce Planning Workbook, identify the key competencies that are ideal for this anticipated role, and write a description of how this would manifest in your organization.
    5. Competency

      Level of Proficiency

      Behavioral Descriptions

      Business Analysis

      Level 2: Capable

      • Demonstrates a basic understanding of business roles, processes, planning, and requirements in the organization.
      • Demonstrates a basic understanding of how technologies assist in business processes.
      • Develop basic business cases using internal environment analysis for the business unit level.
    6. Hold a meeting with your HR team or recruiter to highlight the types of experience and competencies you are looking for in a hire to expand the search criteria.

    Target diverse talent pools through different sources

    When looking to diversify your workforce, it’s critical that you look to attract and recruit talent from a variety of different talent pools.

    SOURCING APPROACH

    INTERNAL MOBILITY PROGRAM

    Positioning the right talent in the right place, at the right time, for the right reasons, and supporting them appropriately. Often tied to succession or workforce planning, mentorship, and learning and development.

    SOCIAL MEDIA PROGRAM

    The widely accessible electronic tools that enable anyone to publish and access information, collaborate on common efforts, and build relationships. Think beyond the traditional and consider niche social media platforms.

    EMPLOYEE REFERRAL PROGRAM

    Employees recommend qualified candidates. If the referral is hired, the referring employee typically receives some sort of reward.

    ALUMNI PROGRAM

    An alumni referral program is a formalized way to maintain ongoing relationships with former employees of the organization.

    CAMPUS RECRUITING PROGRAM

    A formalized means of attracting and hiring individuals who are about to graduate from schools, colleges, or universities.

    EVENTS & ASSOCIATION PROGRAM

    A targeted approach for participation in non-profit associations and industry events to build brand awareness of your organization and create a forward-looking talent pipeline.

    1.2.2 Expand your sourcing pools

    Increase the number of female applicants.

    1. Identify where your employees are currently being sourced from and identify how many female candidates you have gotten from each channel as a percentage of applicants.
    2. # of Candidates From Approach

      % of Female Candidates From Approach

      Target # of Female Candidates

      Internal Talent Mobility

      Social Media Program

      Employee Referral Program

      Alumni Program

      Campus Recruiting Program

      Events & Non-Profit Affiliations

      Other (job databases, corporate website, etc.)

    3. Work with your HR partner or organization’s recruiter to identify three recruitment channels from the list that you will work on expanding.
    4. Review the following two slides and identify key success factors for the implementation. Identify what role IT will play and what role HR will play in implementing the approach.
    5. Following implementation, monitor the impact of the tactics on the number of women candidates and determine whether to add additional tactics.

    Different talent sources

    Benefits and success factors of using different talent sources

    Benefits

    Keys to Success

    Internal Mobility Program

    • Drives retention by providing opportunities to develop professionally
    • Provides a ready pipeline for rapid changes
    • Reduces time and cost of recruitment
    • Identify career pathing opportunities
    • Identify potential successors for succession planning
    • Build learning and development and mentorship

    Social Media Program

    • Access to candidates
    • Taps extended networks
    • Facilitates consistent communication with candidates and talent in pipelines
    • Personalizes the candidate experience
    • Identify platforms – common and niche
    • Talk to your top performers and IT network and identify which sites they use
    • Identify how people use that platform – nature of posts and engagement
    • Define what content to share and who from IT should be engaging
    • Be timely with participation and responses

    Employee Referral Program

    • Higher applicant-to-hire rate
    • Decreased time to fill positions
    • Decreased turner
    • Increased quality of hire
    • Expands your network – women in IT often know other qualified women in IT and in project delivery
    • Educate employees (particularly female employees) to participate
    • Send reminders, incorporate into onboarding, and ask leaders to share job openings
    • Make it easy to share jobs by providing templates and shortened URLs
    • Where possible, simplify the process by avoiding paper forms, reaching out quickly
    • Select metrics that will identify areas of strength and gaps in the referral program

    Alumni Program

    • A formalized way to maintain ongoing relationship with former employees
    • Positive branding as alumni are regarded as a credible source of information
    • Source of talent – boomerang employees are doubly as valuable as they understand the organization
    • Increased referral potential provides access to a larger network and alumni know what is required to be successful in the organization
    • Identify the purpose of the network and set clear goals
    • Identify what the network will do: Will the network be virtual or in person? Who will chair? Who should participate? etc.
    • Create a simple process for alumni to share information about vacancies and refer people
    • Measure progress

    Campus Recruiting Program

    • Increases employer brand awareness among talent entering the workforce
    • Provides the opportunity to interact with large groups of potential candidates at one time
    • Offers access to a highly diverse audience
    • Identify key competencies and select programs based on relevant curriculum for building those competencies
    • Select targeted schools keeping in mind programs and existing relationships
    • Work with HR to get involved

    Events & Non-Profit Affiliations

    • Create a strong talent pipeline for future positions
    • Build relationships based on shared values in a comfortable environment for participants
    • Ability to expand diversity by targeting different types of events or by leveraging women-focused, specifically women in technology, groups
    • Look for events that attract similar participants to the skills or roles you are looking to attract, e.g. Women Who Code if you’re looking for developers
    • Actively engage and participate in the event
    • Couple this with learning and development activities, and invite female top performers to participate

    Enhance your recruitment strategies

    Work with your HR department to influence the recruitment process by taking a data-driven approach to understand the root cause of applicant drop-off and success and take corrective actions.

    Secure top candidates

    Why does the candidate experience matter?

    Until recently it was an employer’s market, so recruiters and hiring managers were able to get good talent without courting top candidates. Today, that’s not the case. You need to treat your IT candidates like customers and be mindful that this is often one of the first experiences future staff will have with the organization. It will give them their first real sense of the culture of the organization and whether they want to work for the organization.

    What can IT leaders do if they have limited influence over the interview process?

    Work with your HR department to evaluate the existing recruitment process, share challenges you’ve experienced, and offer additional support in the process. Identify where you can influence the process and if there are opportunities to build service-level agreements around the candidate experience.

    Take a data-driven approach

    Understand opportunities to enhance the talent selection process.

    While your HR department likely owns the candidate experience and processes, if you have identified challenges in diversity we recommend partnering with your HR department or recruitment team to identify opportunities for improvement within the process. If you are attracting a good amount of candidates through your sell and search tactics but aren’t finding that this is translating into more women selected, it’s time to take a look at your selection processes.

    SIMPLIFIED CANDIDATE SELECTION PROCESS STEPS

    1. Application Received
    2. Candidate Selected for Interview
    3. Offer Extended
    4. Offer Accepted
    5. Onboarding of Staff

    To understand the challenges within your selection process, start by baselining your drop-off rates throughout selection and comparing the differences in male and female candidates. Use this to pin point the issues within the process and complete a root-cause analysis to identify where to improve.

    Step 1.3

    Secure – reduce bias in your interview process and create positive candidate experiences

    Activities

    1.3.1 Identify selection challenges

    1.3.1 Identify your selection challenges

    Review your candidate data.

    1. Hold a meeting with your HR partner to identify trends in your selection data. If you have an applicant tracking system, pull all relevant information for analysis.
    2. Start by identifying the total number of candidates that move forward in each stage of the process. Record the overall number of applicants for positions (should have this number from your sourcing analysis), overall number of candidates selected for interviews, overall number of offers extended, overall number of offers rejected, and overall number of employees still employed after one year.
    3. Identify the number of female and male candidates in each of those categories and as a percentage of the total number of applicants.
    4. Selection Process Step

      Total # of Candidates

      Male Candidates

      Female Candidates

      % Difference Male & Female

      #

      #

      % of total

      #

      % of total

      Applicants for Posted Position

      150

      115

      76.7%

      35

      23.3%

      70% fewer females

      Selected for Interview

      (Selected for Second Interview)

      (Selected for Final Interview)

      Offer Extended

      Offer Rejected

      Employees Retained for One Year

    5. Identify where there are differences in the percentages of male and female candidates and where there are significant drop-off rates between steps in the process.

    Note: For larger organizations, we highly recommend analyzing differences in specific teams/roles and/or at different seniority levels. If you have that data available, repeat the analysis, controlling for those factors.

    Root-cause analysis can be conducted in a variety of ways

    Align your root-cause analysis technique with the problem that needs to be solved and leverage the skills of the root-cause analysis team.

    Brainstorming/Process of Elimination

    After brainstorming, identify which possible causes are not the issue’s root cause by removing unlikely causes.

    The Five Whys

    Use reverse engineering to delve deeper into a recruitment issue to identify the root cause.

    Ishikawa/Fishbone Diagram

    Use an Ishikawa/fishbone diagram to identify and narrow down possible causes by categories.

    Process of elimination

    Leveraging root-cause analysis techniques.

    Using the process of elimination can be a powerful tool to determine root causes.

    • To use the process of elimination to determine root cause, gather the participants from within your hiring team together once you have identified where your issues are within the recruitment process and brainstorm a list of potential causes.
    • Like all brainstorming exercises, remember that the purpose is to gather the widest possible variety of perspectives, so be sure not to eliminate any suggested causes out of hand.
    • Once you have an exhaustive list of potential causes, you can begin the process of eliminating unlikely causes to arrive at a list of likely potential causes.

    Example

    Problem: Women candidates are rejecting job offers more consistently

    Potential Causes

    • The process took too long to complete
    • Lack of information about the team and culture
    • Candidates aren’t finding benefits/salary compelling
    • Lack of clarity on role expectations
    • Lack of fit between candidate and interviewers
    • Candidates offered other positions
    • Interview tactics were negatively perceived

    As you brainstorm, ensure that you are identifying differentiators between male and female candidate experiences and rationale. If you ask candidates their rationale for turning down roles, ensure that these are included in the discussion.

    The five whys

    Leveraging root-cause analysis techniques

    Repeatedly asking “why” might seem overly simplistic, but it has the potential to be useful.

    • It can be useful, when confronting a problem, to start with the end result and work backwards.
    • According to Olivier Serrat, a knowledge management specialist at the Asian Development Bank, there are three key components that define successful use of the five whys: “(i) accurate and complete statements of problems, (ii) complete honesty in answering the questions, and (iii) the determination to get to the bottom of problems and resolve them.”
    • As a group, develop a consensus around the problem statement. Go around the room and have each person suggest a potential reason for its occurrence. Repeat the process for each potential reason (ask “why?”) until there are no more potential causes to explore.
    • Note: The total number of “whys” may be more or less than five.

    Example

    The image contains an example of the five whys activity as described in the text above.

    Ishikawa/fishbone diagram

    Leveraging root-cause analysis techniques.

    Use this technique to sort potential causes by category and match them to the problem.

    • The first step in creating a fishbone diagram is agreeing on a problem statement and populating a box on the right side of a whiteboard or a piece of chart paper.
    • Draw a horizontal line left from the box and draw several ribs on either side that will represent the categories of causes you will explore.
    • Label each rib with relevant categories. In the recruitment context, consider cause categories like technology, interview, process, etc. Go around the room and ask, “What causes this problem to happen?” Every result produced should fit into one of the identified categories. Place it there, and continue to brainstorm sub-causes.

    The image contains a screenshot example of the Ishikawa/fishbone diagram.

    Info-Tech Best Practice

    Avoid naming individuals in the fishbone diagram. The goal of the root-cause exercise is not to lay blame or zero in on a guilty party but rather to identify how you can rectify any challenges.

    Leverage behavioral interviews

    Use Info-Tech’s Behavioral Interview Questions Library.

    Reduce bias in your interviews.

    In the past, companies were pushing the boundaries of the conventional interview, using unconventional questions to find top talent, e.g. “what color is your personality?” The logic was that the best people are the ones who don’t necessarily show perfectly on a resume, and they were intent on finding the best.

    However, many companies have stopped using these questions after extensive statistical analysis revealed there was no correlation between candidates’ ability to answer them and their future performance on the job. Hiring by intuition – or “gut” – is usually dependent on an interpersonal connection being developed over a very short period of time. This means that people who were naturally likeable would be given preferential treatment in hiring decisions whether they were capable of doing the job.

    Asking behavioral interview questions based on the competency needs of the role is the best way to uncover if the candidates will be able to execute on the job.

    For more information see Info-Tech’s Behavioral Interview Question Library.

    The image contains screenshots of Info-Tech's Behavioral Interview Questions Library.

    Improve the level of diversity in your organization by considering inclusive candidate selection practices

    Key action items to create inclusivity in your candidate selection practices:

    1. Managers must be aware of how bias can influence hiring. Encourage your HR department to provide diversity training for recruiters and hiring managers. Ensure those responsible for recruitment are using best practices, are aware of the impact of unconscious bias, and are making decisions in alignment with your DEI strategy.
    2. Use a variety of interviewers to leverage multiple/diverse perspectives. Hiring decisions made by a group can offer a more balanced perspective. Include interviewers from multiple levels in the organization and both men and women.
    3. Hire for distinguished excellence. Be careful not to simply choose the same kind of people over and over, in the name of cultural fit (Source: Recruiter.com, 2015).
    4. Broaden the notion of fit:

    • Hire for skill fit: you might still hire certain types for a specific job (e.g. analytical types for analysis positions), but these candidates can still be diverse.
    • Hire for fit with your organization’s DEI values, regardless of whether the candidate is from a diverse background or not.
    • It can be tempting for hiring managers to hire individuals who are similar to themselves. However, doing so limits the amount of diversity entering your organization, and as a result, limits your organization’s ability to innovate.
  • Deliberately hire for cognitive diversity. Diverse thought processes, perspectives, and problem-solving abilities are positively correlated with firm performance (Source: Journal of Diversity Management, 2014).
  • Leverage a third-party tool

    Ensure recruiting and onboarding programs are effective by surveying your new hires.

    For a deeper analysis of your new hire processes Info-Tech’s sister company, McLean & Company, is an HR research and advisory firm that offers powerful diagnostics to measure HR processes effectiveness. If you are finding diversity issues to be systemic within the organization, leveraging a diagnostic can greatly improve your processes.

    Use this diagnostic to get vital feedback on:

    • Recruiting efforts. Find out if your job marketing efforts are successful, which paths your candidates took to find you, and whether your company is maintaining an attractive profile.
    • Interviewing process. Ensure candidates experience an organized, professional, and ethical process that accurately sets their expectations for the job.
    • Onboarding process. Make sure your new hires are being trained and integrated into their team effectively.
    • Organizational culture. Is your culture welcoming and inclusive? You need to know if top talent enjoy the environment you have to offer.
    The image contains a screenshot of the New Hire Survey.

    For more information on the New Hire Survey click here. If you are interested in referring your HR partner please contact your account manager.

    Phase 2

    Enhance Your Retention Strategies

    Phase 1

    • 1.1 Sell
    • 1.2 Search
    • 1.3 Secure

    Phase 2

    • 2.1 Engagement
    • 2.2 Employee Experience
    • 2.3 Stay Interviews

    Actively engage female staff to retain them

    Employee engagement: the measurement of effective management practices that create a positive emotional connection between the employee and the organization.

    Engaged employees do what’s best for the organization: they come up with product/service improvements, provide exceptional service to customers, consistently exceed performance expectations, and make efficient use of their time and resources. The result is happy customers, better products/services, and saved costs.

    Today, what we find is that 54% of women in IT are not engaged,* but…

    …engaged employees are: 39% more likely to stay at an organization than employees who are not engaged.*

    Additionally, engaging your female staff also has the additional benefit of increasing willingness to innovate by 30% and performance by 28%. The good news is that increasing employee engagement is not difficult, it just requires dedication and an effective toolkit to monitor, analyze, and implement tactics.*

    * Info-Tech and McLean & Company Diagnostics; N=1,308 IT employees

    Don’t seek to satisfy; drive IT success through engagement

    The image contains a screenshot of a diagram that highlights the differences between satisfied and engaged employees.

    Engagement drivers that impact retention for men and women are different – tailor your strategy to your audience

    Ranked correlation of impact of engagement drivers on retention

    The image contains a screenshot that demonstrates the differences in retaining men and women in IT.

    * Recent data stays consistent, but the importance of compensation and recognition in retaining women in IT is increasing.

    Info-Tech Research Group Employee Engagement Diagnostic; N=1,856 IT employees.

    An analysis of the differences between men and women in IT’s drivers indicates that women in IT are significantly less likely than men in IT to agree with the following statements:

    Culture:

    • They identify well with the organization’s values.
    • The organization has a very friendly atmosphere.

    Employee Empowerment:

    • They are given the chance to fully leverage their talents through their job.

    Manager Relationships:

    • They can trust their manager.
    • Their manager cares about them as a person

    Working Environment:

    • They have not seen incidents of discrimination at their organization based on age, gender, sexual orientation, religion, or ethnicity.

    Enhance your retention strategies

    Employee engagement is one of the greatest predictors of intention to stay. To retain you need to understand not only engagement but also your employee experience – the moments that matter – and actively work to create a positive experience.

    Improve employee engagement

    What differentiates an engaged employee?

    Engaged employees do what’s best for the organization: they come up with product/service improvements, provide exceptional service to customers, consistently exceed performance expectations, and make efficient use of their time and resources. The result is happy customers, better products/services, and saved costs.

    Why measure engagement when looking at retention?

    Engaged employees report 39%1 higher intention to stay at the organization than disengaged employees. The cost of losing an employee is estimated to be 150% to 200% of their annual salary.2 Can you afford to not engage your staff?

    Why should IT leadership be responsible for their staff engagement?

    Engagement happens every day, through every interaction, and needs to be tailored to individual team members to be successful. When engagement is owned by IT leadership, engagement initiatives are incorporated into daily experiences and personalized to their employees based on what is happening in real time. It is this active, dynamic leadership that inspires ongoing employee engagement and differentiates those who talk about engagement from those who succeed in engaging their teams.

    Sources: 1 - McLean & Company Employee Engagement Survey, 2 - Gallup, 2019

    Step 2.1

    Improve employee engagement

    Activities

    2.1.1 Review employee engagement results and trends

    2.1.2 Focus on areas that impact retention of women

    Take a data-driven approach

    Info-Tech’s employee engagement diagnostics are low-effort, high-impact programs that will give you detailed report cards on the organization’s engagement levels. Use these insights to understand your employees’ engagement levels by a variety of core demographics.

    FULL ENGAGEMENT DIAGNOSTIC

    EMPLOYEE EXPERIENCE MONITOR

    The full engagement diagnostic provides a comprehensive view of your organization’s engagement levels, informing you of what motivates employees and providing a detailed view of what engagement drivers to focus on for optimal results.

    Info-Tech & McLean & Company’s Full Engagement Diagnostic Survey has 81 questions in total.

    The survey should be completed annually and typically takes 15-20 minutes to complete.

    The EXM Dashboard is designed to give organizations a real-time view of employee engagement while being minimally intrusive.

    This monthly one-question survey allows organizations to track the impact of events and initiatives on employee engagement as they happen, creating a culture of engagement.

    The survey takes less than 30 seconds to complete and is fully automated.

    For the purpose of improving retention of women in IT, we encourage you to leverage the EXM tool, which will allow you to track how this demographic group’s engagement changes as you implement new initiatives.

    Engagement survey

    For a detailed breakdown of staff overall engagement priorities.

    Overall Engagement Results

    • A clear breakdown of employee engagement results by demographic, gender, and team.
    • Detailed engagement breakdown and benchmarking.
    The image contains a screenshot of the overall engagement results.

    Priority Matrix and Driver Scores

    • A priority matrix specific to your organization.
    • A breakdown of question scores by priority matrix quadrant.
    • Know what not to focus your effort on – not all engagement drivers will have a high impact on engagement.
    The image contains a screenshot of the priority matrix and driver scores.

    EXM dashboard

    Reporting to track engagement in real time.

    EXM Dashboard

    • Leverage Info-Tech’s real-time Employee Experience Monitor dashboard to track your team’s engagement levels over time.
    • Track changes in the number of supporters and detractors and slice the data by roles, teams, and gender.
    The image contains a screenshot of the EXM dashboard.

    Time Series Trends

    • As you implement new initiatives to improve the engagement and retention of staff, track their impact and continuously course correct.
    • Empower your leaders to actively manage their team culture to drive innovation, retention, and productivity.
    The image contains a screenshot of the time series trends.

    Start your diagnostic now

    Leverage your Info-Tech membership to seamlessly launch your employee engagement survey.

    Info-Tech’s dedicated team of program managers will facilitate this diagnostic program remotely, providing you with a convenient, low-effort, high-impact experience.

    We will guide you through the process with your goals in mind to deliver deep insight into your successes and areas to improve.

    What You Need to Do:

    Info-Tech’s Program Manager Will:

    1. Contact Info-Tech to launch the program.
    2. Review the two survey options to select the right survey for your organization.
    3. Work with an Info-Tech analyst to set up your personal diagnostic.
    4. Identify who you would like to take the survey.
    5. Customize Info-Tech’s email templates.
    6. Participate in a one-hour results call with an Info-Tech executive advisor.
    1. Work with you to define your engagement strategy and goals.
    2. Launch, maintain, and support the diagnostic in the field.
    3. Provide you with response rates throughout the process.
    4. Explore your results in a one-hour call with an executive advisor to fully understand key insights from the data.
    5. Provide quarterly updates and training materials for your leadership team.

    Start Now

    2.1.1 Review employee engagement results

    Identify trends

    1. In a call with one of Info-Tech’s executive advisors, review the results of your employee engagement survey.
    2. Identify which departments are most and least engaged and brainstorm some high-level reasons.
    3. Review the demographic information and highlight any inconsistencies or areas with high levels of variance. Document which demographics have the most and least engaged, disengaged, and indifferent employees.
    4. With help from the Info-Tech executive advisor, identify and document any dramatic differences in the demographic data, particularly around gender.
    5. Identify if the majority of issues effecting engagement are at an organization or department level and which stakeholders you need to engage to support the process moving forward.
    6. Identify next steps.
    Input
    • Employee engagement results
    Participants
    • CIO
    • Info-Tech Advisor

    2.1.2 Focus on areas that impact retention of women

    Hold focus groups with IT staff and focus on the five areas with the greatest impact on women’s retention.

    1. Review the handout slides on the following pages to get a better understanding of the definition of each of the top five drivers impacting women’s retention. Depending on your team’s size, pick one to three drivers to focus on for your first focus group.
    2. Divide the participants into teams and on flip chart paper or using sticky notes have the teams brainstorm what you can stop/start/continue doing to help you improve on your assigned driver.
    • Continue: actions that work for the team related to this driver and should proceed.
    • Start: actions/initiatives that the team would like to begin.
    • Stop: actions/initiatives that the team would like to stop.
  • Prioritize the initiatives by considering: Is this initiative something you feel will make an impact on the engagement driver? Eliminate any initiatives that would not make an impact.
  • Have the groups present back and vote on two to three initiatives to implement to drive improvements within that area.
  • Culture

    Engagement driver handout

    Culture: The degree to which an employee identifies with the beliefs, values, and attitudes of the organization.

    Questions:

    • I identify well with the organization’s values.
    • This organization has a collaborative work environment.
    • This organization has a very friendly atmosphere.
    • I am a fit for the organizational culture.

    Ranked Correlation of Impact of Engagement Driver on Retention:

    • Women in IT: #1
    • Men in IT: #2

    Company Potential

    Engagement driver handout

    Company Potential: An employee’s understanding of and commitment to the organization’s mission, and the employee’s excitement about the organization’s mission and future.

    Questions:

    • This organization has a bright future.
    • I am impressed with the quality of people at this organization.
    • People in this organization are committed to doing high-quality work.
    • I believe in the organization’s overall business strategy.
    • This organization encourages innovation.

    Ranked Correlation of Impact of Engagement Driver on Retention:

    • Women in IT: #2
    • Men in IT: #1

    Employee Empowerment

    Engagement driver handout

    Employee Empowerment: The degree to which employees have accountability and control over their work within a supported environment.

    Questions:

    • I am not afraid of trying out new ideas in my job.
    • If I make a suggestion to improve something in my department I believe it will be taken seriously.
    • I am empowered to make decisions about how I do my work.
    • I clearly understand what is expected of me on the job.
    • I have all the tools I need to do a great job.
    • I am given the chance to fully leverage my talents through my job.

    Ranked Correlation of Impact of Engagement Driver on Retention:

    • Women in IT: #3
    • Men in IT: #6

    Learning and Development

    Engagement driver handout

    Learning and Development: A cooperative and continuous effort between an employee and the organization to enhance an employee’s skill set and expertise and meet an employee’s career objectives and the organization’s needs.

    Questions:

    • I can advance my career in this organization.
    • I am encouraged to pursue career development activities.
    • In the last year, I have received an adequate amount of training.
    • In the last year, the training I have received has helped me do my job better.

    Ranked Correlation of Impact of Engagement Driver on Retention:

    • Women in IT: #4
    • Men in IT: #5

    Manager Relationships

    Engagement driver handout

    Manager Relationships: The professional and personal relationship an employee has with their manager. Manager relationships depend on the trust that exists between these two individuals and the extent that a manager supports and develops the employee.

    Questions:

    • My manager inspires me to improve.
    • My manager provides me with high-quality feedback.
    • My manager helps me achieve better results.
    • I trust my manager.
    • My manager cares about me as a person.
    • My manager keeps me well informed about decisions that affect me.

    Ranked Correlation of Impact of Engagement Driver on Retention:

    • Women in IT: #5
    • Men in IT: #11

    Step 2.2

    Examine employee experience

    Activities

    2.2.1 Identify moments that matter

    Understand why and when employees plan to depart

    Leverage “psychology of quitting” expertise.

    Train your managers to provide them with the skills and expertise to recognize the warning signs of an employee’s departure and know how to re-engage and retain them.

    • The majority of resignations are not spur of the moment. They are the result of a compilation of events over a period of time. Normally, these instances are magnified by a stimulant. The final straw or the breaking point drives the employee to make a change. In fact, it has been estimated that a shock jumpstarts 65% of departures.*
      • These shocks could be a lack of promotion, loss of privilege or development opportunity, or a quarrel with a manager.
    • Employees rarely leave right away. Most wait until they have confirmed a new job opportunity before leaving. This creates a window in which you can reengage and retain them.
    • The majority of employees show signs that they are beginning to think of leaving. Whether that is leaving immediately, putting in the bare minimum of effort, or job searching online at work. Train your managers to know the signs and to keep an eye out for potentially dissatisfied and searching employees.*
    • It is easier and less costly to reengage an employee than to start the hiring process from the beginning.
    *Source: The Career Café, 2017

    Examine employee experience (EX)

    Look beyond engagement drivers to drive retention.

    Employee experience (EX) is the employee’s perception of their cumulative lived experiences with the organization. It is gauged by how well the employee’s expectations are met within the parameters of the workplace, especially by the “moments that matter” to them. Individual employee engagement is the outcome of a strong overall EX.

    The image contains a diagram as an example of examining employee experience.

    Drive a positive employee experience

    Identify moments that matter.

    Moments that matter are defining pieces or periods in an employee’s experience that create a critical turning point or memory that is of significant importance to them.

    These are moments that dramatically change the path of the emotional journey, influence the quality of the final outcome, or end the journey prematurely.

    To identify the moment that matters look for significant drops in the emotional journey that your organization needs to improve or significant bumps that your organization can capitalize on. Look for these drops or bumps in the journey and take stock of everything you have recorded at that point in the process. To improve the experience, analyze the hidden needs and how they are or aren’t being met.

    The image contains a screenshot of an example graph to demonstrate opportunities and issues to help drive a positive employee experience.

    Info-Tech Insight

    The moment that matters is key and it could be completely separate from organizational life, like the death of a family member. Leaders can more proactively address these moments that matter by identifying them and determining how to make the touchpoint at that moment more impactful.

    2.2.1 Identify moments that matter

    1. Review your Employee Experience Monitor weekly trends by logging into your dashboard and clicking on “Time Series Trends.”
    2. With your management team, identify any weekly trends where your Employee Experience Score has seen changes in the number of detractor, passive, or promoter responses.
    3. For each significant change identify:
    • Increase in promoters or decrease in detractors:
      • What can we do to duplicate positive moments that occurred this week?
      • What did I do as a leader to create positive employee experiences?
      • What happened in the organization that created a positive employee experience?
    • Increase in detractors or decrease in promoters:
      • What difficult change was delivered this week?
      • What about this change was negatively perceived?
      • During the difficult situation how did we as a leadership team support our staff?
      • Who did we engage and recognize during the difficult situation?
      • Was this situation a one-off issue or is this likely to occur again?
  • Consider your interactions with employees and identify how you made moments matter during those times related to four key engagement drivers impacting women in IT:
    • How did you promote a positive culture and friendly atmosphere?
    • How did you empower female staff to leverage their talents?
    • How did you interact with staff?
    • How did you promote a positive work environment? Where did you see bias in decisions?
  • Independently as manager, document three to five lessons learned from the changes in your detractors and promoters, and determine what action you will take.
  • Measured benefits of positive employee experience

    Positive employee experiences lead to engaged employees, and engaged employees are eight times more likely to recommend the organization (McLean & Company Employee Engagement Database, 2017; N=74,671).

    Retention

    Employees who indicate they are having a positive experience at work have a 52% higher level of intent to stay (Great Place To Work Institute, 2021)

    The bottom line

    Organizations that make employee experience a focus have: 23% higher profitability 10% higher customer loyalty (Achievers, 2021)

    Case Study

    INDUSTRY: Post-Secondary Education

    SOURCE: Adam Grant, “Impact and the Art of Motivation Maintenance: The Effects of Contact with Beneficiaries on Persistence Behavior”

    The future is here! Is your data architecture practice ready?

    Challenge

    A university call center, tasked with raising scholarship money from potential donors, had high employee turnover and low morale.

    Solution

    A study led by Grant arranged for a test group of employees to meet and interact with a scholarship recipient. In the five-minute meeting, employees learned what the student was studying.

    Results

    Demonstrating the purpose behind their work had significant returns. Employees who had met with the student demonstrated:

    More than two times longer “talk time” with potential donors.

    A productivity increase of 400%: the weekly average in donations went from $185.94 to $503.22 for test-group employees.

    Enhance your retention strategies

    Do not wait until employees leave to find out what they were unhappy with or why they liked the organization. Instead, perform stay interviews with top and core talent to create a holistic understanding of what they are perceiving and feeling.

    Conduct stay interviews

    What is a stay interview?

    A stay interview is a conversation with current employees. It should be performed on a yearly basis and is an informal discussion to generate deeper insight into the employee’s opinions, perspectives, concerns, and complaints. Stay interviews can have a multitude of uses. In this project they will be used to understand why top and core talent chose to stay with the organization to ensure that organizations understand and build upon their current strengths.

    When should you do stay interviews?

    We recommend completing stay interviews at least on an annual, if not quarterly, basis to truly understand how staff are feeling about the organization and their job, why they stay at the organization, and what would cause them to leave. Couple the outcomes of these interviews with employee engagement action planning to ensure that you are able to address talent needs.

    Step 2.3

    Conduct stay interviews and learn why employees stay

    Activities

    2.3.1 Conduct stay interviews

    Conduct regular “stay” or “retention” interviews

    Build stay interviews into the regular routine. By incorporating stay interviews into your schedule, they are more likely to stick. This regularity provides several advantages:

    1. Ensures that retention issues do not take you by surprise. With a finger on the pulse of the organization you will be aware of potential issues.
    2. Acts as a supplement to the engagement survey by providing additional information and context for the current level of emotion within the organization.
    3. Begins to build a wealth of information that can be analyzed to identify themes and trends. This can be used to track whether the reasons why individuals stay are consistent or if are they changing. This will ensure that the retention strategy remains up to date.

    Stay interview best practices:

    • Ideally is performed by managers, but can be performed by HR.
      • Ideally completed by managers as they are more familiar with their employees, have a greater reach, can hold meetings in a more informal setting, and will receive information first hand.
      • If conducted by managers, it’s a best practice to ensure that there is a central repository of themes so that you can identify if there are any trends in the responses, that consistent questions are asked, and that all of the information is in one place
    • Should be an informal conversation.
    • Should be conducted in a non-critical time in the business year.
    • Ask three types of questions:
      • What do you enjoy about working here?
      • What would you change about your working environment?
      • What would encourage or force you to leave the organization?
    • Interview a diverse employee base:
      • Demographics
      • Role
      • Performance level
      • Location
    Source: Talent Management & HT, 2013

    Leverage stay interviews

    Use Info-Tech’s Stay Interview Guide.

    Proactively identify opportunities to drive retention.

    The Stay Interview Guide helps managers conduct interviews with current employees, enabling the manager to understand:

    • The employee's current engagement level.
    • The employee's satisfaction with current role and responsibilities.
    • Suggestions for potential improvements.
    • An employee's intent to stay with the organization.

    Use this template to help you understand how you can best engage your employees and identify any challenges, in terms of moments that mattered, that negatively impacted their intention to stay at the organization.

    The image contains a screenshot of Info-Tech's Stay Interview Guide.

    2.3.1 Conduct stay interviews

    1. If you are using the Employee Experience Monitor, prepare for your stay interviews by reviewing your results and identifying if there have been any changes in the results over the previous six weeks. Identify which demographics have the highest and lowest engagement levels – and identify any changes in experience between different demographics.
    2. Identify a meeting schedule and cadence that seems appropriate for your stay interviews. For example, you likely will not do all staff at the same time and it may be beneficial to space out your meetings throughout the year. Select a candidate for your first stay interview and invite them for a one-on-one meeting. If it’s unusual for you to meet with this employee, we recommend providing some light context around the rationale, such as that you are looking for opportunities to strengthen the organizational culture and better understand how you can improve retention and engagement at the organization.
    3. Download the Stay Interview Template, review all of the questions beforehand, and identify the key questions that you want to ask in the meeting.
    • TIP: Even though this is called a “stay interview,” really it should be more of a conversation, and certainly not an interrogation. Know the questions you want to ask, and ask your staff member if it’s ok if you jot down some notes. It may even be beneficial to have the meeting outside of the office, over lunch, or out for coffee.
  • Hold your meeting with the employee and thank them for their time.
  • Following the meeting, send them a thank-you email to thank them for providing feedback, summarize your top three to five key takeaways from the meeting, verify with them that this aligns with their perspective, and see if they have anything else to add to the conversation. Identify any initiatives or changes that you will make as a result of the information – set a date for execution and follow-up.
  • If you are in the process of recruiting new employees to the organization, don’t forget to remind them of your referral program and ask if they might know of any candidates that would be a good fit for the organization.
  • Download the Stay Interview Guide

    Ten tips for best managing stay interviews

    Although stay interviews are meant to be informal, you should schedule them as you would any other meeting. Simply invite the employee for a chat.

    1. Step out of the office if possible. Opt for your local coffee shop, a casual lunch destination, or another public but informal location.
    2. Keep the conversation short, no more than 15 to 20 minutes. If there are any areas of concern that you think warrant action, ask the employee if they would like to discuss them another time. Suggest another meeting to delve deeper into specific issues.
    3. Be clear about the purpose of the conversation. Stay interviews are not performance reviews.
    4. Focus on what you can do for them. Ask about the employee’s preferences when it comes to feedback and communication (frequency, method, etc.) as well as development (preferences around methods, e.g. coaching or rotations, and personal goals).
    5. Be positive. Ask your employee what they like about their job and use positively framed questions.
    6. Ask about what they like doing. People enjoy talking about what they like to do. Ask employees about the talents and skills they would like to incorporate into their work duties.
    7. Show that you’re listening – paraphrase, ask for clarification, and use appropriate gestures.
    8. Refrain from taking notes during the meeting to preserve a conversational atmosphere.
    9. Pay attention to the employee’s body language and tone. If it appears that they are uncomfortable talking to you, stop the interview or pause to let them collect themselves.
    10. Be open to suggestions, but remember that you can’t control everything. If the employee brings up issues that are beyond your control, tell them that you will do all you can to improve the situation but can’t guarantee anything.

    Related Info-Tech Research

    Recruit and Retain People of Color in IT

    • To stay competitive, IT leaders need to be more involved and commit to a plan to recruit and retain people of color in their departments and organizations. A diverse team is an answer to innovation that can differentiate your company.
    • Treat recruiting and retaining a diverse team as a business challenge that requires full engagement. Info-Tech offers a targeted solution that will help IT leaders build a plan to attract, recruit, engage, and retain people of color.

    Recruit Top IT Talent

    • Changing workforce dynamics and increased transparency have shifted the power from employers to job seekers, stiffening the competition for talent.
    • Candidate expectations match high consumer expectations and affect the employer brand, the consumer brand, and overall organizational reputation. Delivering a positive candidate experience (CX2) is no longer optional.

    Acquire the Right Hires with Effective Interviewing

    • Talk is cheap. Hiring isn’t.
    • Gain insight into and understand the need for a strong interview process.
    • Strategize and plan your interview process.
    • Understand various hiring scenarios and how an interview process may be modified to reflect your organization’s scenario.

    Bibliography

    “4 Hiring Trends Technology Managers Need to Know.” Robert Half Talent Solutions, 4 Oct. 2021. Accessed 4 Feb. 2022.

    “89% of CIOs are concerned about Talent Retention: SOTD CIO.” 2016 Harvey Nash/KPMG CIO Survey, CIO From IDG, 12 Aug. 2016. Web.

    Angier, Michelle, and Beth Axelrod. “Realizing the power of talented women.” McKinsey Insights, Sept. 2014. Web.

    Beansontoast23. “Not being trained on my first dev job.” Reddit, 29 July 2016. Web.

    Birt, Martin. “How to develop a successful mentorship program: 8 steps.” Financial Post, 5 Dec. 2014. Web.

    Bort, Julie. “The 25 Best Tech Employers For Women [Ranked].” Business Insider, 18 Nov. 2014. Web.

    Bradford, Laurence. “15 of the Most Powerful Women in Tech.” The Balance Careers, Updated 4 Feb. 2018. Web.

    “Building A Stronger, Better, More Diverse eBay.” eBay Inc., 31 July 2014. Web.

    “Canada’s Best Employers 2015: The Top 50 Large Companies.” Canadian Business, 2014. Article.

    Cao, Jing, and Wei Xue. “What are the Best practices to Promote High-Ranking Female Employees Within Organizations?” Cornell University ILR School, Spring 2013. Web.

    Cheng, Roger. “Women in Tech: The Numbers Don't Add Up.” CNET, 6 May 2015. Web.

    “CIO Survey 2020: Everything Changed. Or Did It?” Harvey Nash and KPMG, 2020. Accessed 24 Feb. 2022.

    Daley, Sam. “Women in Tech Statistics Show the Industry Has a Long Way to Go.” Built In, 5 May 2021. Accessed 1 March 2022.

    Dixon-Fyle, Sundiatu, et al. “Diversity wins: How inclusion matters.” McKinsey & Company, 19 May 2020. Accessed 24 Feb. 2022.

    Donovan, Julia. “How to Quantify the Benefits of Enhancing Your Employee Experience.” Achievers Solution Inc., 21 Sept. 2021. Web.

    “Engage Me! Employee Engagement Explored.” SoftSolutions, 12 Jan. 2016. Web.

    Erb, Marcus. Global Employee Engagement Benchmark Study. Great Place to Work Institute, 29 Nov. 2021. Accessed 15 Feb. 2022.

    Garner, Mandy. “How to attract and recruit a more gender diverse team.” Working Mums, 4 March 2016. Web.

    Gaur, Shubhra. “Women in IT: Their path to the top is like a maze.” Firstpost, 28 Aug. 2015. Web.

    “Girls Gone Wired Subreddit.” Reddit, n.d. Web.

    Glassdoor Team. “10 Ways to Remove Gender Bias from Job Descriptions.” Glassdoor for Employers Blog, 9 May 2017. Web.

    Grant, Adam. “Impact and the Art of Motivation Maintenance: The Effects of Contact with Beneficiaries on Persistence Behavior.” Organizational Behavior and Human Decision Processes, vol. 103, no. 1, 2007, pp. 53-67. Accessed on ScienceDirect.

    IBM Smarter Workforce Institute. The Employee Experience Index. IBM Corporation, 2016. Web.

    ISACA. “Tech Workforce 2020: The Age and Gender Perception Gap.” An ISACA Global Survey Report, 2019. Accessed 17 Feb. 2022.

    Johnson, Stephanie K., David R. Hekman, and Elsa T. Chan. “If There’s Only One Woman in Your Candidate Pool, There’s Statistically No Chance She’ll Be Hired.” Harvard Business Review, 26 April 2016. Web.

    Kessler, Sarah. “Tech's Big Gender Diversity Push One Year In.” Fast Company, 19 Nov. 2015. Web.

    Kosinski, M. “Why You Might Want to Focus a Little Less on Hiring for Cultural Fit.” Recruiter.com, 11 Aug. 2015. Web.

    Krome, M. A. “Knowledge Transformation: A Case for Workforce Diversity.” Journal of Diversity Management (JDM), vol. 9, no. 2, Nov. 2014, pp. 103-110.

    Ladimeij, Kazim. “Why Staff Resign; the Psychology of Quitting.” The Career Café, 31 March 2017. Updated 9 Jan. 2018. Web.

    Loehr, Anne. “Why You Need a New Strategy For Retaining Female Talent.” ReWork, 10 Aug. 2015. Web.

    Lucas, Suzanne. “How Much Employee Turnover Really Costs You.” Inc., 30 Aug. 2013. Web.

    Marttila, Paula. “5 Step Action Plan To Attract Women Join Tech Startups.” LinkedIn, 10 March 2016. Web.

    Mayor, Tracy. “Women in IT: How deep is the bench?” Computerworld, 19 Nov. 2012. Web.

    McCracken, Douglas M. “Winning the Talent War for Women: Sometimes It Takes a Revolution.” Harvard Business Review, Nov.-Dec. 2000. Web.

    McDonald’s Careers. McDonald’s, n.d. Web.

    McFeely, Shane, and Ben Wigert. “This Fixable Problem Costs U.S. Businesses $1 Trillion.” Gallup, Inc., 31 March 2019. Accessed 4 March 2022.

    Morgan, Jacob. The Employee Experience Advantage: How to Win the War for Talent by Giving Employees the Workspaces they Want, the Tools they Need, and a Culture They Can Celebrate. John Wiley & Sons, Inc., 2017. Print.

    Napolitano, Amy. “How to Build a Successful Mentoring Program.” Training Industry, 20 April 2015. Web.

    Peck, Emily. “The Stats On Women In Tech Are Actually Getting Worse.” Huffington Post. 27 March 2015. Updated 6 Dec. 2017. Web. 20

    Porter, Jane. “Why Are Women Leaving Science, Engineering, And Tech Jobs?” Fast Company, 15 Oct. 2014. Web.

    Pratt, Siofra. “Emma Watson: Your New Recruitment Guru - How to: Attract, Source and Recruit Women.” SocialTalent, 25 Sept. 2014. Web.

    “RBC Diversity Blueprint 2012-2015.” 2012-2015 Report Card, RBC, 2015. Web.

    Richter, Felix. “Infographic: Women’s Representation in Big Tech.” Statista Infographics, 1 July 2021. Web.

    Rogers, Rikki. “5 Ways Companies Can Attract More Women (Aside From Offering to Freeze Their Eggs).” The Muse, n.d. Web.

    Sazzoid. “HOWTO recruit and retain women in tech workplaces.” Geek Feminism Wiki, 10 Jan. 2012. Updated 18 Aug. 2016. Web.

    Seiter, Courtney. “Why We Removed the Word ‘Hacker’ From Buffer Job Descriptions.” Buffer Open blog, 13 March 2015. Updated 31 Aug. 2018. Web.

    Serebrin, Jacob. “With tech giants like Google going after female talent, how can startups compete?” The Globe and Mail, 18 Jan. 2016. Updated 16 May 2018. Web.

    Snyder, Kieran. “Why women leave tech: It's the culture, not because 'math is hard'.” Fortune, 2 Oct. 2014. Web.

    Stackpole, Beth. “5 ways to attract and retain female technologists.” Computerworld, 7 March 2016. Web.

    Sullivan, John. “4 Stay Interview Formats You Really Should Consider.” Talent Management & HT, 5 Dec. 2013. Web.

    Syed, Nurhuda. “IWD 2021: Why Are Women Underrepresented in the C-Suite?” HRD America, 5 March 2021. Web.

    Sylvester, Cheryl. “How to empower women in IT (and beyond) on #InternationalWomenDay.” ITBUSINESS.CA, 31 March 2016. Web.

    “The Power of Parity: Advancing Women’s Equality in the United States.” McKinsey Global Institute, April 2016. Web.

    White, Cindy. “How to Promote Gender Equality in the Workplace.” Chron, 8 Aug. 2018. Web.

    White, Sarah. “Women in Tech Statistics: The Hard Truths of an Uphill Battle.” CIO From IDG Communication, Inc., 8 March 2021. Accessed 24 Feb. 2022.

    Build Your Enterprise Application Implementation Playbook

    • Buy Link or Shortcode: {j2store}605|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Selection & Implementation
    • Parent Category Link: /selection-and-implementation
    • Given the increasing complexity of software implementations, you are continually challenged with staying above water with your current team.
    • In addition, rapid changes in the business make maintaining project sponsors’ engagement challenging.
    • Project sprawl across the organization has created a situation where each project lead tracks progress in their own way. This makes it difficult for leadership to identify what was successful – and what wasn’t.

    Our Advice

    Critical Insight

    An effective enterprise application implementation playbook is not just a list of steps, but a comprehensive view of what is necessary to support your implementation. This starts with a people-first approach. Start by asking about sponsors, stakeholders, and goals. Without asking these questions first, the implementation will be set up for failure, regardless of the technology, processes, and tools available.

    Impact and Result

    Follow these steps to build your enterprise application playbook:

    • Define your sponsor, map out your stakeholders, and lay out the vision, goals and objectives for your project.
    • Detail the scope, metrics, and the team that will make it happen.
    • Outline the steps and processes that will carry you through the implementation.

    Build Your Enterprise Application Implementation Playbook Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build Your Enterprise Application Implementation Playbook Deck - Your implementation doesn’t start with technology, but with an effective plan that the team can align on.

    This blueprint provides the steps necessary to build your own enterprise application implementation playbook that can be deployed and leveraged by your implementation teams.

    • Build Your Enterprise Application Implementation Playbook – Phases 1-3

    2. Your Enterprise Application Implementation Playbook – The key output from leveraging this research is a completed implementation playbook.

    This is the main playbook that you build through the exercises defined in the blueprint.

    • Your Enterprise Application Implementation Playbook

    3. Your Enterprise Application Implementation Playbook - Timeline Tool – Supporting tool that captures the project timeline information, issue log, and follow-up dashboard.

    This tool provides input into the playbook around project timelines and planning.

    • Your Enterprise Application Implementation Playbook - Timeline Tool

    4. Light Project Change Request Form Template – This tool will help you record the requested change, allow assess the impact of the change and proceed the approval process.

    This provides input into the playbook around managing change requests

    • Light Project Change Request Form Template

    Infographic

    Workshop: Build Your Enterprise Application Implementation Playbook

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Understand the Project

    The Purpose

    Lay out the overall objectives, stakeholders, and governance structure for the project.

    Key Benefits Achieved

    Align everyone on the sponsor, key stakeholders, vision, and goals for your project

    Activities

    1.1 Select the project sponsor.

    1.2 Identify your stakeholders.

    1.3 Align on a project vision.

    1.4 List your guiding principles.

    1.5 Confirm your goals and objectives for the implementation project.

    1.6 Define the project governance structure.

    Outputs

    Project sponsor has been selected.

    Project stakeholders have been identified and mapped with their roles and responsibilities.

    Vision has been defined.

    Guiding principles have been defined.

    Articulated goals and objectives.

    Detailed governance structure.

    2 Set up for Success

    The Purpose

    Define the elements of the playbook that provide scope and boundaries for the implementation.

    Key Benefits Achieved

    Align the implementation team on the scope for the project and how the team should operate during the implementation.

    Activities

    2.1 Gather and review requirements, with an agreed to scope.

    2.2 Define metrics for your project.

    2.3 Define and document the risks that can impact the project.

    2.4 Establish team composition and identify the team.

    2.5 Detail your OCM structure, resources, roles, and responsibilities.

    2.6 Define requirements for training.

    2.7 Create a communications plan for stakeholder groups and delivery teams.

    Outputs

    Requirements for enterprise application implementation with an agreed-to scope.

    Metrics to help measure what success looks like for the implementation.

    Articulated list of possible risks during the implementation.

    The team responsible and accountable for implementation is identified.

    Details of your organization’s change management process.

    Outline of training required.

    An agreed-to plan for communication of project status.

    3 Document Your Plan

    The Purpose

    With the structure and boundaries in place, we can now lay out the details on the implementation plan.

    Key Benefits Achieved

    A high-level plan is in place, including next steps and a process on running retrospectives.

    Activities

    3.1 Define your implementation steps.

    3.2 Create templates to enable follow-up throughout the project.

    3.3 Decide on the tracking tools to help during your implementation.

    3.4 Define the follow-up processes.

    3.5 Define project progress communication.

    3.6 Create a Change request process.

    3.7 Define your retrospective process for continuous improvement.

    3.8 Prepare a closure document for sign-off.

    Outputs

    An agreed to high-level implementation plan.

    Follow-up templates to enable more effective follow-ups.

    Shortlist of tracking tools to leverage during the implementation.

    Defined processes to enable follow-up.

    Defined project progress communication.

    A process for managing change requests.

    A process and template for running retrospectives.

    A technique and template for closure and sign-off.

    Further reading

    Build Your Enterprise Application Implementation Playbook

    Your implementation doesn’t start with technology, but with an effective plan that the team can align on.

    Analyst Perspective

    Your implementation is not just about technology, but about careful planning, collaboration, and control.

    Recardo de Oliveira

    A successful enterprise application implementation requires more than great software; it requires a clear line of sight to the people, processes, metrics, and tools that can help make this happen.

    Additionally, every implementation is unique with its own set of challenges. Working through these challenges requires a tailored approach taking many factors into account. Building out your playbook for your implementation is an important initial step before diving head-first into technology.

    Regardless of whether you use an implementation partner, a playbook ensures that you don’t lose your enterprise application investment before you even get started!

    Ricardo de Oliveira

    Research Director,
    Application Delivery and Management
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    • Given the increasing complexity of software implementations, you are continually challenged with staying above water with your current team.
    • Rapid changes in the business make maintaining project sponsors’ engagement challenging.
    • Project sprawl across the organization has created a situation where project leads track progress in their own way. This makes it difficult for leadership to identify what was successful (and what wasn’t).

    Common Obstacles

    • Your best process experts are the same people you need to keep the business running. The business cannot afford to have its best people pulled into the implementation for long periods of time.
    • Enterprise application implementations generate huge organizational changes and the adoption of the new systems and processes resulting from these projects are quite difficult.
    • People are generally resistant to change, especially large, transformational changes that will impact the day-to-day way of doing things.

    Info-Tech's Approach

    • Build your enterprise application implementation playbook. Follow these steps to build your enterprise application playbook:
      • Define your sponsor, map out your stakeholders, and lay out the vision, goals, and objectives for your project.
      • Detail the scope, metrics, and the team that will make it happen.
      • Detail the steps and processes that will carry you through the implementation

    Info-Tech Insight

    An effective enterprise application implementation playbook is not just a list of steps; it is a comprehensive view of what is necessary to support your implementation. This starts with a people-first approach. Start by asking about sponsors, stakeholders, and goals. Without asking these questions first, the implementation will be set up for failure, regardless of the technology, processes, and tools available.

    Enterprise Applications Lifescycle Advisory Services. Strategy, selection, implementation, optimization and operations.

    Insight summary

    Building an effective playbook starts with asking the right questions, not jumping straight into the technical details.

    • This blueprint provides the steps required to lay out an implementation playbook to align the team on what is necessary to support the implementation.
    • Build your Enterprise Application Implementation Playbook by:
      • Aligning and confirming project’s goals, stakeholders, governance and team.
      • Clearly defining what is in and out of scope for the project and the risks involved.
      • Building up a strong change management process.
      • Providing the tools and processes to keep track of the project.
      • Pulling it all together into an actionable playbook.

    Grapsh showing 39%

    Lack of planning is the reason that 39% of projects fail. Poor project planning can be disastrous: The consequences are usually high costs and time overruns.

    Graph showing 20%

    Almost 20% of IT projects can fail so badly that they can become a threat to a company’s existence. Lack of proper planning, poor communication, and poorly defined goals all contribute to the failure of projects.

    Graph showig 2.5%

    A PwC study of over 10,640 projects found that a tiny portion of companies – 2.5% – completed 100% of their projects successfully. These failures extract a heavy cost – failed IT projects alone cost the United States $50-$150B in lost revenue and productivity.

    Source: Forbes, 2020

    Planning and control are key to enterprise project success

    An estimated 70% of large-scale corporate projects fail largely due to a lack of change management infrastructure, proper oversight, and regular performance check-ins to track progress (McKinsey, 2015).

    Table showing that 88% of projects completed on time, 90% completed within budget and 92% meet original goals. 68% of projects have scope creep, 24% deemed failures and 46% experience budget lose when project fails

    “A survey published in HBR found that the average IT project overran its budget by 27%. Moreover, at least one in six IT projects turns into a ‘black swan’ with a cost overrun of 200% and a schedule overrun of 70%. Kmart’s massive $1.2B failed IT modernization project, for instance, was a big contributor to its bankruptcy.”

    Source: Forbes, 2020

    Sponsor commitment directly improves project success.

    Having the right sponsor significantly improves your chances of success across many different dimensions:

    1. On-time delivery
    2. Delivering within budget
    3. Delivered within an agreed-to scope
    4. Delivered with sufficient quality.
    Graph that shows Project success scores versus sponsor involvement in change communication. Shows increase for projects on time, projects on budget, within scope and overall quality.

    Source: Info-Tech, PPM Current State Scorecard Diagnostic

    Executive Brief Case Study

    Chocolate manufacturer implementing a new ERP

    INDUSTRY

    Consumer Products

    SOURCE

    Carlton, 2021

    Challenge

    Not every ERP ends in success. This case study reviews the failure of Hershey, a 147-year-old confectioner, headquartered in Hershey Pennsylvania. The enterprise saw the implementation of an ERP platform as being central to its future growth.

    Solution

    Consequently, rather than approaching its business challenge on the basis of an iterative approach, it decided to execute a holistic plan, involving every operating center in the company. Subsequently, SAP was engaged to implement a $10 million systems upgrade; however, management problems emerged immediately.

    Results

    The impact of this decision was significant, and the company was unable to conduct business because virtually every process, policy, and operating mechanism was in flux simultaneously. The consequence was the loss of $150 million in revenue, a 19% reduction in share price, and the loss of 12% in international market share.

    Remember: Poor management can scupper implementation, even when you have selected the perfect system.

    A successful software implementation provides more than simply immediate business value…

    It can build competitive advantage.

    • When software projects fail, it can jeopardize an organization’s financial standing and reputation, and in some severe cases, it can bring the company down altogether.
    • Rarely do projects fail for a single reason, but by understanding the pitfalls, developing a risk mitigation plan, closely monitoring risks, and self-evaluating during critical milestones, you can increase the probability of delivering on time, on budget, and with the intended benefits.

    Benefits are not limited to just delivering on time. Some others include:

    • Building organizational delivery competence and overall agility.
    • The opportunity to start an inventory of best practices, eventually building them into a center of excellence.
    • Developing a competitive advantage by maximizing software value and continuously transforming the business.
    • An opportunity to develop a competent pool of staff capable of executing on projects and managing organizational change.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Your Enterprise Application Implementation Playbook – Timeline Tool

    Supporting template that captures the project timeline information, issue log, and follow-up dashboard.

    Info-Tech: Project Planning and Monitoring Tool.
    Light Project Change Request Form Template

    This tool will help you record the requested change, and allow you to assess the impact of the change and proceed with the approval process.

    Info-Tech: Light change request form template.

    Key deliverable:

    Your Enterprise Application Implementation Playbook

    Record the results from the exercises to define the steps for a successful implementation.

    Build your enterprise application implementation playbook.

    Info-Tech’s methodology for Your Enterprise Application Implementation Playbook

    Phase Steps

    1. Understand the Project

    1. Identify the project sponsor
    2. Define project stakeholders
    3. Review project vision and guiding principles
    4. Review project objectives
    5. Establish project governance

    2. Set up for success

    1. Review project scope
    2. Define project metrics
    3. Prepare for project risks
    4. Identify the project team
    5. Define your change management process

    3. Document your plan

    1. Develop a master project plan
    2. Define a follow-up plan
    3. Define the follow-up process
    4. Understand what’s next
    Phase Outcomes
    • Project sponsor has been selected
    • Project stakeholders have been identified and mapped with their roles and responsibilities.
    • Vision, guiding principles, goals objectives, and governance have been defined
    • Project scope has been confirmed
    • Project metrics to identify successful implementation has been defined
    • Risks have been assessed and articulated.
    • Identified project team
    • An agreed-to change management process
    • Project plan covering the overall implementation is in place, including next steps and retrospectives

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostic and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    The three phases of guided implementation.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization. A typical GI is between 8 to 12 calls over the course of 4 to 6 months.

    Workshop Overview

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889 Activities and deliverables for each module of the workshop. Module 1: understanding the project, Module 2: Set up for success, Modeule 3: Document your plan, and Post Workshop: Next steps and Wrap-up(offsite).

    Phase 1

    Understand the project

    3 phases, phase 1 is highlighted.

    This phase will walk you through the following activities:

    1.1 Identify the project sponsor

    1.2 Identify project stakeholders

    1.3 Review project vision and guiding principles

    1.4 Review project objectives

    1.5 Establish project governance

    This phase involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Step 1.1

    Identify the project sponsor

    Activities

    1.1.1 Define the project sponsor's responsibilities

    1.1.2 Shortlist potential sponsors

    1.1.3 Select the project sponsor

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Selected sponsor.

    Sponsor commitment directly improves project success.

    Having the right sponsor significantly improves your chances of success across many different dimensions:

    1. On-time delivery
    2. Delivering within budget
    3. Delivered within an agreed-to scope
    4. Delivered with sufficient quality.

    Graph that shows Project success scores versus sponsor involvement in change communication. Shows increase for projects on time, projects on budget, within scope and overall quality.

    Source: Info-Tech, PPM Current State Scorecard Diagnostic

    Typical project sponsor responsibilities

    • Help define the business goals of their projects before they start.
    • Provide guidance and support to the project manager and the project team throughout the project management lifecycle.
    • Ensure that sufficient financial resources are available for their projects.
    • Resolve problems and issues that require authority beyond that of the project manager.
    • Ensure that the business objectives of their projects are achieved and communicated.

    For further discussion on sponsor responsibilities, use Info-Tech’s blueprint, Drive Business Value With a Right-Sized Project Gating Process

    Portrait of head with multiple layers representing the responsibilities of a sponsor. From top down: Define business goals, provide guidance, ensure human ad financial resources, resolve problems and issues.

    1.1.1 Define the project sponsor’s responsibilities

    0.5-1 hour

    1. Discuss the minimum requirements for a sponsor at your organization.
    2. As a group, brainstorm the criteria necessary for an individual to be a project sponsor:
      1. Is there a limit to the number of projects they can sponsor at one time?
      2. Is there a minimum number of hours they must be available to the project team?
      3. Do they have to be at a certain seniority level in the organization?
      4. What is their role at each stage of the project lifecycle?
    3. Document these criteria on a whiteboard.
    4. Record the sponsor’s responsibilities in section 1.1 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • Requirements for a sponsor
    • Your responsibilities as a sponsor

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    1.1.1 Define the project sponsor’s responsibilities (Continued)

    Example

    Project sponsor responsibilities.

    1.1.2 Shortlist potential sponsors

    0.5-1 hour

    1. Based on the responsibilities defined in Exercise 1.1.1, produce a list of the potential sponsors.
    2. Record the sponsor’s shortlist in section 1.2 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • Characteristics of a sponsor
    • Your list of candidates

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    1.1.2 Shortlist potential sponsors (Continued)

    Example

    Shortlist of potential sponsors. 6 names listed with checkmarks on criteria ranking.

    Don’t forget, the project team is there to support the sponsor

    Given the burden of the sponsor role, the project team is committed to doing their best to facilitate a successful outcome.

    Project Success: Follow best practices, escalate issues, stay focused, communicate, adapt to change.

    • Follow the framework set out by the governance group at the organization to drive efficiency on the project.
    • Ensure stakeholders with proper authority are notified of issues that occur during the project.
    • Stay focused on the project tasks to drive quality on the deliverables and avoid rework after the project.
    • Communicate within the project team to drive coordination of tasks, complete deliverables, and avoid resource waste.
    • Changes are more common than not; the team must be prepared to adjust plans and stay agile to adapt to changes for the project.

    Seek the key characteristics of a sponsor

    Man walking up stairs denoting characteristics of a good sponsor. First step: Leader, second step: Strong Communicator, third step: knowledgeable, fourth step: problem solver, fifth step: delegator, final step: dedicated.

    1.1.3 Select the project sponsor

    0.5-1 hour

    1. Review the characteristics and the list of potential candidates.
    2. Assess availability, suitability, and desire of the selected sponsor.
    3. Record the selected sponsor in section 1.3 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • List of candidates
    • Characteristics of a sponsor
    • Your selected sponsor

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    1.1.3 Select the project sponsor (Continued)

    Example

    Name of example sponsor with their key traits listed.

    Step 1.2

    Identify the project stakeholders

    Activities

    1.2.1 Identify your stakeholders

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Stakeholders’ management plan

    How to find the right stakeholders

    Start with the obvious candidates, but keep an open mind.

    How to find stakeholders

    • Talk to your stakeholders and ask who else you should be talking to, to discover additional stakeholders and ensure you don’t miss anyone.
    • Less obvious stakeholders can be found by conducting various types of trace analysis, i.e. following various paths flowing from your initiative through to the path’s logical conclusion.

    Create a stakeholder network map for your application implementation

    Follow the trail of breadcrumbs from your direct stakeholders to their influencers to uncover hidden stakeholders.

    Stakeholder network map showing direction of professional influence as well as bidirectional, informal influence relationships.

    Info-Tech Insight

    Your stakeholder map defines the influence landscape your enterprise application operates in. It is every bit as important as the teams who enhance, support, and operate your applications directly.

    Use connectors to determine who may be influencing your direct stakeholders. They may not have any formal authority within the organization, but they may have substantial informal relationships with your stakeholders.

    Understand how to navigate the complex web of stakeholders

    Identify which stakeholders to include and what their level of involvement should be during requirements elicitation based on relevant topic expertise.

    Graph showing influence vs. interest, divided into 4 quadrants. Low influence and intersest is labeled: Monitor, low influence and high interest is labeled: Keep informed, High influence and low interest is labeled: Keep satisfied, and high influence and high interest is labeled: Involve closely

    Large-scale projects require the involvement of many stakeholders from all corners and levels of the organization, including project sponsors, IT, end users, and business stakeholders. Consider the influence and interest of stakeholders in contributing to the requirements elicitation process and involve them accordingly.

    Map the organization’s stakeholders

    List of various stakeholder titles. As well as a graph showing the influence vs involvement of each stakeholder title. Influence and interest is divided into 4 quadrants: Monitor, Keep informed, keep satisfied, and involve closely.

    1.2.1 Identify your stakeholders

    1-2 hours

    1. As a group, identify all the project stakeholders. A stakeholder may be an individual such as the CEO or CFO, or it may be a group such as front-line employees.
    2. Map each stakeholder on the quadrant based on their expected influence and involvement in the project
    3. Identify stakeholders and add them to the list.
    4. Record the stakeholders list in section 1.4 of Info-Tech’s Your Enterprise Application Implementation Playbook.
    5. Download Your Enterprise Application Implementation Playbook

      Input

      Output

      • Types of stakeholders
      • Your stakeholders initial list

      Materials

      Participants

      • Whiteboard/flip charts
      • Your Enterprise Application Implementation Playbook
      • Project team
      • Operations
      • SMEs
      • Team lead and facilitators
      • IT leaders

    1.2.1 Identify your stakeholders(Continued)

    Example

    Table with rows of stakeholders: Customer, End Users, IT, Vendor and other listed. Columns provide: description, examples, value and involvement level of each stakeholder.

    Step 1.3

    Review project vision and guiding principles

    Activities

    1.3.1 Align on a project vision

    1.3.2 List your guiding principles

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Project vision and guiding principles

    Vision and guiding principles

    GUIDING PRINCIPLES

    Guiding principles are high-level rules of engagement that help to align stakeholders from the outset. Determine guiding principles to shape the scope and ensure stakeholders have the same vision.

    Creating Guiding Principles

    Guiding principles should be constructed as full sentences. These statements should be able to guide decisions.

    EXAMPLES
    • [Organization] is implementing an ERP system to streamline processes and reduce redundancies, saving time and money.
    • [Organization] is implementing an ERP to integrate disparate systems and rationalize the application portfolio.
    • [Organization] is aiming at taking advantage of industry best practices and strives to minimize the level of customization required in solution.

    Questions to Ask

    1. What is a strong statement that will help guide decision making throughout the life of the ERP project?
    2. What are your overarching requirements for business processes?
    3. What do you ultimately want to achieve?
    4. What is a statement that will ensure all stakeholders are on the same page for the project?

    1.3.1 Align on a project vision

    1-2 hours

    1. As a group, discuss whether you want to create a separate project vision statement or restate your corporate vision and/or goals.
      1. A project vision statement will provide project-guiding principles, encompass the project objectives, and give a rationale for the project.
      2. Using the corporate vision/goals will remind the business and IT that the project is to implement an enterprise application that supports and enhances the organizational objectives.
    2. Record the project vision in section 1.5 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • Project vision statement defined during strategy building
    • Your project vision

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    1.3.1 Align on a project vision (Continued)

    Example

    Project Vision

    We, [Organization], will select and implement an integrated software suite that enhances the growth and profitability of the organization through streamlined global business processes, real-time data-driven decisions, increased employee productivity, and IT investment protection.

    Guiding principles examples

    The guiding principles will help guide your decision-making process. These can be adjusted to align with your internal language.

    • Support business agility: A flexible and adaptable integrated business system providing a seamless user experience.
    • Use best practices: Do not recreate or replicate what we have today; focus on modernization. Exercise customization governance by focusing on those customizations that are strategically differentiating.
    • Automate: Take manual work out where we can, empowering staff and improving productivity through automation and process efficiencies.
    • Stay focused: Focus on scope around core business capabilities. Maintain scope control. Prioritize demand in line with the strategy.
    • Strive for "one source of truth": Unify data model and integrate processes where possible. Assess integration needs carefully.

    1.3.2 List your guiding principles

    1-2 hours

    1. Start with the guiding principles defined during the strategy building.
    2. Review each of the sample guiding principles provided and ask the following questions:
      1. Do we agree with the statement?
      2. Is this statement framed in the language we use internally? Does everyone agree on the meaning of the statement?
      3. Will this statement help guide our decision-making process?
    3. Record the guiding principles in section 1.6 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • Guiding principles defined during strategy building
    • Your guiding principles

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    1.3.2 List your guiding principles (Continued)

    Example

    Guiding principals: Support business agility, use best practices, automate, stay focused, strive for `one source truth`.

    Step 1.4

    Review project objectives

    Activities

    1.4.1 Confirm your goals and objectives for the implementation project

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    The objectives of the implementation project

    Review the elements of the project charter

    Leverage completed deliverables to get project managers started down the path of success.

    Deliverables of project chaters for PMs. Project purpose, scope, logistics and sign-off.

    1.4.1 List your guiding principles

    1-2 hours

    1. Articulate the high-level objectives of the project. (What are the goals of the project?)
    2. Elicit the business benefits the sponsor is committed to achieving. (What are the business benefits of the project?)
    3. Record Project goals and objectives in section 1.7 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • Your BizDevOps objectives and metrics
    • Understanding of various collaboration methods, such as Scrum, Kanban, and Scrumban
    • Your chosen collaboration method

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    1.4.1 Confirm your goals and objectives for the implementation project (Continued)

    Example:

    Project Objectives: End-user visibility, New business development, employee experience. Business Benefits for each objective listed.

    Step 1.5

    Establish project governance

    Activities

    1.5.1 Define the project governance structure

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Approach to build an effective project governance

    1.5.1 List your guiding principles

    0.5-1 hour

    1. Identify the IT governance structure in place today and document the high-level function of each body (councils, steering committees, review boards, centers of excellence, etc.).
    2. Identify and document the existing enterprise applications governance structure, roles, and responsibilities (if any exist).
    3. Identify gaps and document the desired enterprise applications governance structure, roles, and responsibilities.
    4. Record the project governance structure in section 1.8 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • IT governance structure
    • Your project governance structure

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Governance is NOT management

    Three levels of governance: Team Level, Steering Committee Level, and Executive Governance Level.

    Info-Tech Insight

    You won’t get engagement unless there is a sense of accountability. Do not leave this vague. Accountability needs to be assigned to specific individuals in your organization to ensure the system development achieves what was intended by your organization and not what your system integrator (SI) intended.

    Who is accountable?

    Too many assumptions are made that the SI is accountable for all implementation activities and deliverables – this is simply untrue. All activities can be better planned for, and misunderstandings can be avoided, with a clear line of sight on roles and responsibilities and the documentation that will support these assumptions.

    Discuss, define, and document roles and responsibilities:
    • For each role (e.g. executive sponsor, delivery manager, test lead, conversion lead), clearly articulate the responsibilities of the role, who is accountable for fulfillment, and whether it’s a client role, SI role, or both.
    • Articulate the purpose of each deliverable clearly, define which individual or team has responsibility for it, and document who is expected to contribute.
    • Empower the team by granting them the authority to make decisions. Ease their reluctance to think outside the box for fear of stakeholder or user backlash.
    • The implementation cannot and will not be transformative if the wrong people are involved or if the right people have not been given the tools required to succeed in their role.

    1.5.2 List your guiding principles

    0.5-1 hour

    1. Assess the skills necessary for an enterprise implementation. Inventory the competencies required for an enterprise implementation team. Map your internal resources to each competency as applicable.
    2. Select your internal implementation team. Determine who needs to be involved closely with the implementation. Key stakeholders should also be considered as members of your implementation team.
    3. Identify the number of external consultants/support required for implementation. Consider your in-house skills, timeline, integration environment complexity, and cost constraints as you make your resourcing plan.
    4. Record governance team roles and responsibilities in 1.9 section of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • Available resources (internal, external, contract)
    • Your governance structure roles and responsibilities

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    1.5.2 Define governance team roles and responsibilities (Continued)

    Example

    Governance team roles and their responsibilities.

    Phase 2

    Set up for success

    3 phases, phase 2 is highlighted.

    This phase will walk you through the following activities:

    2.1. Review project scope

    2.2. Define project metrics

    2.3. Prepare for project risks

    2.4. Identify the project team

    2.5. Define your change management process

    This phase involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Step 2.1

    Review project scope

    Activities

    2.1.1 Gather and review requirements

    2.1.2 Confirm your scope for implementation

    2.1.3 Formulate a scope statement

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    The project scope

    Requirements are key to defining scope

    Project scope management includes the processes required to ensure that the project includes all and only the work required to complete the project successfully. Therefore, managing project scope is about defining and controlling what is and is not included in the project.

    PMBOK defines requirements as “conditions or capabilities that are to be met by the project or present in the product, service, or result to satisfy an agreement or other formally imposed specification.” Detailed requirements should be gathered and elicited in order to provide the basis for defining the project scope.

    70% of projects fail due to poor requirements, organizations using poor practices spent 62% more, 4th highest correlation to high IT performance is requirements gathering.

    Well-executed requirements gathering results in:

    • Consistent approach from project to project, resulting in more predictable outcomes.
    • Solutions that meet the business need on the surface and under the hood.
    • Reduce risk for fast-tracked projects by establishing a right-sized approach.
    • Requirements team that can drive process improvement and improved execution.
    • Confidence when exploring solution alternatives.

    Poorly executed requirements gathering results in:

    • IT receiving the blame for any project shortcomings or failures.
    • Business needs getting lost in the translation between the initial request and final output.
    • Inadequate solutions or cost overruns and dissatisfaction with IT.
    • IT losing its credibility as stakeholders do not see the value and work around the process.
    • Late projects that tie up IT resources longer than planned, and cost overruns that come out of the IT budget.
    • Inconsistent project execution, leading to inconsistent outcomes.

    Strong stakeholder satisfaction with requirements results in higher satisfaction in other areas

    High stakeholder satisfaction with requirements results in higher satisfaction in other areas.

    Note: “High satisfaction” was classified as a score greater or equal to eight, and “low satisfaction” was every organization that scored below eight on the same questions.

    2.1.1 Gather and review requirements

    1-2 hours

    1. Once existing documentation has been gathered, evaluate the effectiveness of the documentation and decide whether you need additional information to proceed to current-state mapping.
    2. The initiative team should avoid spending too much time on the discovery phase, as the goal of discovery is to obtain enough information to produce a level-one current-state map.
    3. Consider reviewing capabilities, business processes, current applications, integration, and data migration.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • Your requirements, capabilities, business processes, current applications, integration, and/or data migration
    • Your requirements, capabilities, business processes, current applications, integration, and/or data migration revisited

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.1.1 Requirements list

    Example

    Requirements with description, category and priority.

    2.1.2 Confirm your scope for implementation

    1-2 hours

    1. Based on the requirements, write down features of the product or services, as well as dependencies with other interfaces.
    2. Write down exclusions to guard against scope creep.
    3. Validate the scope by asking these questions:
      1. Will this scope provide a common understanding for all stakeholders, including those outside of IT, as to what the project will accomplish and what it excludes?
      2. Should any detail be added to prevent scope creep later?
    4. Record the project scope in section 2.1 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook

    Input

    Output

    • What’s in scope
    • What’s out of scope
    • What needs to integrate
    • Your scope areas

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.1.2 Scope detail

    Example

    Example of scope detail. Table with scope levels: In scope, out of scope and existing scope. Each scope level has details about it listed.

    Distill your requirements into a scope statement

    Requirements are about the what and the how.
    Scope specifies the features of the product or service – what is in and what is out
    Table showing Requirement document vs. Scope statement. It lists the audience, content, inputs and outputs for each.

    The Build Your Enterprise Application Implementation Playbook 2.2 Project Scope Statement includes:

    • Scope description (features, how it interfaces with other solution components, dependencies).
    • Exclusions (what is not part of scope).
    • Deliverables (product outputs, documentation).
    • Acceptance criteria (what metrics must be satisfied for the deliverable to be accepted).
    • Final sign-off (owner).
    • Project exclusions (scope item, details).

    The scope statement should communicate the breadth of the project

    To assist in forming your scope statement, answer the following questions:
    • What are the major coverage points?
    • Who will be using the systems?
    • How will different users interact with the systems?
    • What are the objectives that need to be addressed?
    • Where do we start?
    • Where do we draw the line?

    2.1.3 Formulate a scope statement

    1-2 hours

    1. Lay out the scope description (features, how it interfaces with other solution components, dependencies).
    2. Record the exclusions (what is not part of scope).
    3. Fill out the scope statement.
    4. Record the scope statement in section 2.2 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your scope areas
    • Your scope statement

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Scope statement template
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.1.3 Scope statement

    Example

    Examples of scope statements showing the following: Product or service in scope, project deliverables and acceptance criteria, and project exclusions.

    Step 2.2

    Review project scope

    Activities

    2.2.1 Define metrics for your project

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    The project metrics

    Building leading indicators

    Lagging KPIs are relatively simple to identify, whereas leading KPIs can be more elusive.

    For example, take the lagging KPI “Customer Satisfaction.” How do you turn that into a leading KPI? One method is to look at sources of customer complaints. In a retail sales system, backordered items will negatively impact customer satisfaction. As a leading indicator, track the number of orders with backordered lines and the percentage of the total order that was backordered.

    Performance Metrics

    Use leading and lagging metrics, as well as benchmarks, to track the progress of your system.

    Leading KPIs: Input-oriented measures:

    • Number of active users in the system.
    • Time-to-completion for processes that previously experienced efficiency pain points.

    Lagging KPIs: Output-oriented measures:

    • Faster production times.
    • Increased customer satisfaction scores

    Benchmarks: A standard to measure performance against:

    • Number of days to ramp up new users.

    Info-Tech Insight

    Leading indicators make the news; lagging indicators report on the news. Focusing on leading indicators allows you to address challenges before they become large problems with only expensive solutions.

    2.2.1 Define metrics for your project

    1-2 hours

    1. Examine outputs from any feedback mechanisms you have (satisfaction surveys, emails, existing SLAs, burndown charts, resourcing costs, licensing costs per sprint, etc.).
    2. Look at historical trends and figures when available. However, be careful of frequent anomalies, as these may indicate a root cause that needs to be addressed.
    3. Explore the definition of specific metrics across different functional teams to ensure consistency of measurement and reporting.
    4. Record the Project Metrics in section 2.3 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Outputs of any feedback mechanism
    • Historical trends
    • Your project tracking metrics

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.2.1 Metrics

    In addition to delivery metrics and system performance metrics, equip the business with process-based metrics to continuously prove the value of the enterprise software. Review the examples below as a starting point.

    Table showing metrics and desciption. Metrics listed are: Percent of requirements complete, issues found, issues resolved, and percent of processess complete.

    Step 2.3

    Prepare for project risks

    Activities

    2.3.1 Build a risk event menu

    2.3.2 Determine contextual risks

    2.3.3 Determine process risks

    2.3.4 Determine business risks

    2.3.5 Determine change risks

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Steps to create your product canvas and product vision statement

    All risks are not created equal

    Project Risk consists of: Contextual risk, process risk, change risk and business risk.

    For more information on Info-Tech’s Four-Pillar Risk Framework, please see Right-Size Your Project Risk Investment.

    Info-Tech’s Four-Pillar Risk Framework

    Unusual risks should be detected by finding out how each project is different from the norm. Use this framework to start this process by confronting the risks that are more easily anticipated.

    2.3.1 Build a risk event menu

    0.5-1 hour

    1. Build and maintain an active menu of potential risk events across the four risk categories.
    2. Record the risk event menu in section 2.4 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Risk events
    • Your risk events menu

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.3.1 Risk event menu

    Example

    Risk event menu example. A table with: Contextual Risk, process risk, business risk, change risk events with examples for each.

    2.3.2 Determine contextual risks

    0.5-1 hour

    1. Contextual risk factors are those that operate within the context of your department, organization, and/or community.
    2. Fill out contextual risks.
    3. Record the contextual risks in section 2.5 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your risk events menu
    • Your list of people involved in risk management
    • Your contextual risks

    Materials

    Participants

    • Project Risk Management Workbook
    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.3.2 Contextual risks

    Example

    two tables for Contextual risks. Table 1: Risk identification with event name, risk cause, impact and risk owner. Table 2: shows probability of risk, impact, rating, recommended action, and any mitigations.

    2.3.3 Determine process risks

    0.5-1 hour

    1. Process risks are those that involve project sponsorship, project management, business and functional requirements, work assignment, communication, and/or visibility.
    2. Fill out process risks.
    3. Record the process risks in section 2.6 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your risk events menu
    • Your list of people involved in risk management
    • Your process risks

    Materials

    Participants

    • Project Risk Management Workbook
    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.3.3 Process risks

    Example

    two tables for Process risks. Table 1: Risk identification with event name, risk cause, impact and risk owner. Table 2: shows probability of risk, impact, rating, recommended action, and any mitigations.

    2.3.4 Determine business risks

    0.5-1 hour

    1. Business risks are those that affect the bottom line of the organization. They usually have implications on revenue, costs, and/or image.
    2. Fill out business risks.
    3. Record the business risks in section 2.7 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your risk events menu
    • Your list of people involved in risk management
    • Your business risks

    Materials

    Participants

    • Project Risk Management Workbook
    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.3.4 Business risks

    Example

    two tables for Business risks. Table 1: Risk identification with event name, risk cause, impact and risk owner. Table 2: shows probability of risk, impact, rating, recommended action, and any mitigations.

    2.3.5 Determine change risks

    0.5-1 hour

    1. Change risks are those that result from imposing changes on the people and customers of the organization and their daily routines.
    2. Fill change risks.
    3. Record the change risks in section 2.7 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your risk events menu
    • Your list of people involved in risk management
    • Your business risks

    Materials

    Participants

    • Project Risk Management Workbook
    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.3.5 Change risks

    Example

    two tables for Change risks. Table 1: Risk identification with event name, risk cause, impact and risk owner. Table 2: shows probability of risk, impact, rating, recommended action, and any mitigations.

    Step 2.4

    Identify the project team

    Activities

    2.4.1 Establish team composition

    2.4.2 Identify the team

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Steps to get your project team ready

    Understand the unique external resource considerations for the implementation

    Organizations rarely have sufficient internal staffing to resource an enterprise software implementation project entirely on their own. Consider the options for closing the gap in internal resource availability.

    The most common project resourcing structures for enterprise projects are:

    1. Management consultant
    2. Vendor consultant
    3. System integrator

    When contemplating a resourcing structure, consider:

    • Availability of in-house implementation competencies and resources.
    • Timeline and cost constraints.
    • Integration environment complexity.

    CONSIDER THE FOLLOWING

    Internal Vs. External Roles and Responsibilities

    Clearly delineate between internal and external team responsibilities and accountabilities and communicate this to your technology partner upfront.

    Internal Vs. External Accountabilities

    Accountability is different than responsibility. Your vendor or SI partner may be responsible for completing certain tasks, but be careful not to outsource accountability for the implementation – ultimately, the internal team will be accountable.

    Partner Implementation Methodologies

    Often vendors and/or SIs will have their own preferred implementation methodology. Consider the use of your partner’s implementation methodology; however, you know what will work for your organization.

    Info-Tech Insight

    Selecting a partner is not just about capabilities, it’s about compatibility! Ensure you select a partner that has a culture compatible with your own.

    2.4.1 Establish team composition

    0.5-1 hour

    1. Assess the skills necessary for an enterprise implementation.
    2. Select your internal implementation team.
    3. Identify the number of external consultants/support required for implementation.
    4. Document the roles and responsibilities, accountabilities, and other expectations as they relate to each step of the implementation.
    5. Record the team composition in section 2.9 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • List of project team skills
    • Your team composition
    • Your business risks

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.4.1 Team composition

    Example

    Team composition: Role of each team member, and their skills.

    2.4.2 Identify the team

    0.5-1 hour

    1. Identify a candidate for each role and determine their responsibility in the project and their expected time commitment.
    2. The project will require a cross-functional team within IT and business units. Make sure the responsibilities are clearly communicated to the selected project sponsor.
    3. Create a RACI matrix for the project.
    4. Record the team list in section 2.10 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your team composition
    • Your team with responsibilities and commitment

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.4.2 Team list

    Example

    Team list: Role of each team member, candidate, responsibilities, and their commitment in hours per week.

    RACI example

    RACI example. Responsibilities and team member roles that are tasked with each responsibility.

    Step 2.5

    Define your change management process

    Activities

    2.5.1 Define OCM structure and resources

    2.5.2 Define OCM team’s roles and responsibilities

    2.5.3 Define requirements for training

    2.5.4 Create a communications plan for stakeholder groups, and delivery teams

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    A structure and procedures for an effective organizational change management

    Define your change management process to improve quality and adoption

    Organizational change management is the practice through which the PMO can improve user adoption rates and maximize project benefits.

    Correlation of change management effectiveness with meeting results.

    “It’s one thing to provide a new technology tool to your end users.

    It’s quite another to get them to use the tool, and still different for them to use the new tool proficiently.

    When your end users fully use a new technology and make it part of their daily work habits, they have ‘adopted’ the new tool.”

    – “End-User Adoption and Change Management Process” (2022)

    Large projects require organizational change management

    Organizational change management (OCM) governs the introduction of new business processes and technologies to ensure stakeholder adoption. The purpose of OCM is to prepare the business to accept the change.

    OCM is a separate body of knowledge. However, as a practice, it is inseparable from project management.

    In IT, project planning tends to fixate on technology, and it underestimates the behavioral and cultural factors that inhibit user adoption. Whether change is project-specific or continuous, it’s more important to instill the desire to change than to apply specific tools and techniques.

    Accountability for instilling this desire should start with the project sponsor. The project manager should support this with effective stakeholder and communication management plans.

    16% of projects with poor change management met or exceeded objectives. 71% of projects with excellent change management finish on or ahead of schedule. 67% of organizations include project change management in their initiatives.

    For further discussion on organizational change, use Info-Tech’s blueprint, Master Organizational Change Management Practices

    Your application implementation will be best served by centralizing OCM

    A centralized approach to OCM is most effective, and the PMO is already a centralized project office and is already accountable for project outcomes.

    What’s more, in organizations where accountabilities for OCM are not explicitly defined, the PMO will likely already be assumed to be the default change leader by the wider organization.

    It makes sense for the PMO to accept this accountability – in the short term at least – and claim the benefits that will come from coordinating and consistently driving successful project outcomes.

    In the long term, OCM leadership will help the PMO become a strategic partner with the executive layer and the business side.

    Short-term gains made by the PMO can be used to spark dialogues with those who authorize project spending and have the implicit fiduciary obligation to drive project benefits.

    Ultimately, it’s their job to explicitly transfer that obligation along with the commensurate resourcing and authority for OCM activities.

    Organizational resistance to change is cited as the #1 challenge to project success that PMOs face. Companies with mature PMOs that effectively manage change meet expectations 90% of the time.

    For further discussion on organizational change, use Info-Tech’s blueprint, Master Organizational Change Management Practices

    2.5.1 Define OCM structure and resources

    0.5-1 hour

    1. Assess the roles and resources that might be needed to help support these OCM efforts.
    2. Record the OCM structure in section 2.11 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your project objectives
    • Your OCM structure and resources

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.5.1 OCM structure and resources

    Example

    OCM structure example. Table showing OCM activity and resources available to support.

    2.5.2 Define OCM team’s roles and responsibilities

    0.5-1 hour

    1. Assess the tasks required for the team.
    2. Determine roles and responsibilities.
    3. Record the results in the RACI matrix in section 2.13 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your communications timeline
    • Your OCM structure and resources
    • Your OCM plan and RACI matrix

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    OCM team’s roles and responsibilities

    Example

    Responsibilities for OCM team members.

    2.5.3 Define requirements for training

    0.5-1 hour

    1. Analyze HR requirements to ensure efficient use of HR and project stakeholder time.
    2. Outline appropriate HR and training activities.
    3. Define training content and make key logistical decisions concerning training delivery for staff and users.
    4. Record training requirements in section 2.14 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your OCM Plan and RACI matrix
    • Your HR training needs

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    2.5.3 Training requirements

    Example

    Training requirements example: Project milestones, milestone time frame, hr/training activities, activity timing, and notes.

    Project communication plans must address creation, flow, deposition, and security of project information

    A good communication management plan is like the oil that keeps moving parts going. Ensuring smooth information flow is a fundamental aspect of project management.

    Project communication management is more than keeping track of stakeholder requirements. A communication management plan must address timely and appropriate creation, flow, and deposition of information about the project – as well as the security of the information.

    Create:

    • In addition to standardized status reporting elements discussed for level 1 projects, level 2 and 3 projects may require additional information to be disseminated among key stakeholders and the PMO.

    Flow:

    • The plan must address the methods of communication. Distributed project teams require more careful planning, as they pose additional communication challenges.

    Deposit:

    • As the volume of information continues to grow exponentially, retrieving information becomes a challenge. The plan for depositing project information must be consistent with your organization’s content management policies.

    Security:

    • Preventing unauthorized access and information leaks is important for projectsthat are intended to provide the organization with a competitive edge or for projects that deal with confidential data.
    45% of organizations had established mature communications and engagement processes.

    2.5.4 Create a communications timeline

    0.5-1 hour

    1. Base your change communications on your organization’s cultural appetite for change in general.
    2. Document communications plan requirements.
    3. Create a high-level communications timeline.
    4. Tailor a communications strategy for each stakeholder group.
    5. Record the communications timeline in section 2.12 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your OCM structure and resources
    • Your project objectives
    • Your project scope
    • Your stakeholders’ management plan
    • Your communications timeline

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Example of communications timeline

    Project sponsors are the most compelling storytellers to communicate the change

    Example of project communications timeline. Planning, requirements, design, development, QA, deployment, warranty, and benefits/closure.

    Info-Tech Insight

    Communication with stakeholders and sponsors is not a single event, but a continual process throughout the lifecycle of the project implementation – and beyond!

    Phase 3

    Document your plan

    3 phases, phase 3 is highlighted.

    This phase will walk you through the following activities:

    3.1 Develop a master project plan

    3.2. Define a follow-up plan

    3.3. Define the follow-up process

    3.4. Understand what’s next

    This phase involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Step 3.1

    Develop a master project plan

    Activities

    3.1.1 Define your implementation steps

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Steps to create your resourcing and master plans

    Resources Vs. Demand

    Organizations rarely have sufficient internal staffing to resource an enterprise software implementation project entirely on their own. Consider the options for closing the gap in internal resource availability.

    Project demand: Data classification, cloud strategy, application rationalization, recovery planning etc. must be weighted against the organizations internal staffing resources.

    Competing priorities

    Example

    Table for competing priorities: List of projects, their timeline, priority notes, and their implications.

    3.1.1 Define your implementation steps

    0.5-1 hour

    1. Write each phase of the project on a separate sticky note and add it to the whiteboard. Determine what steps make up each phase. Write each step of the phase on a separate sticky note and add it to the whiteboard.
    2. Determine what tasks make up each step. Write each task of the step on a separate sticky note and add it to the whiteboard.
    3. Record the tasks in the Your Enterprise Application Implementation Playbook – Timeline tool. This tool has an example of a typical list of tasks, to help you start your master plan. Use the timeline for project planning and progress tracking.
    4. Record your project’s basic data and work schedule.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Project's work breakdown structure
    • Your project master plan

    Materials

    Participants

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Implementation plan – basic data

    Record your project name, project manager, and stakeholders from previous exercises.

    Example project information form: Project name, estimated start date, estimated end date, project manager, stakeholders, and time off of project.

    Implementation plan – work schedule

    Use this template to keep track of all project tasks, dates, owners, dependencies, etc.

    Use this template to keep track of all project tasks, dates, owners, dependencies, etc.

    “Actual Start Date” and “Actual Completion Date” columns must be updated to be reflected in the Gantt chart.

    This information will also be captured as the source for session 3.2.1 dashboards.

    Step 3.2

    Define a follow up plan

    Activities

    3.2.1 Create templates to enable follow-up throughout the project

    3.2.2 Decide on the tracking tools to help during your implementation

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Steps to create the processes and define the tools to track progress

    Leveraging dashboards

    Build a dashboard that reflects the leading metrics you have identified. Call out requirements that represent key milestones in the implementation.

    For further information on monitoring the project, use Info-Tech’s blueprint, Governance and Management of Enterprise Software Implementation

    Build a dashboard that reflects the leading metrics you have identified. Call out requirements that represent key milestones in the implementation.

    3.2.1 Create templates to enable follow-up throughout the project

    0.5-1 hour

    1. Create status report, dashboards/charts, budget control, risk/issues/gaps templates, and change request forms.
    2. Build a dashboard that reflects the leading metrics you have identified.
    3. Call out requirements that represent key milestones in the implementation.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your projects master plan
    • Your project follow-up kit

    Materials

    Participants

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Dashboards

    Based on the inputs in session 3.1.1 Define Your Implementation Steps, once the “Actual Start Date” and “Actual Completion Date” columns have been updated, this dashboard will present the project status and progress

    Based on the inputs in session 3.1.1 Define Your Implementation Steps, once the “Actual Start Date” and “Actual Completion Date” columns have been updated, this dashboard will present the project status and progress.

    This executive overview of the project's progress is meant to be used during the status meeting.

    Select the right tools

    Use SoftwareReviews to explore product features, vendor experience, and capability satisfaction.

    SoftwareReviews, Requirements Management, 2023

    SoftwareReviews, Project Management, 2023

    SoftwareReviews, Business Intelligence & Analytics, 2023

    3.2.2 Decide on the tracking tools to help during your implementation

    0.5-1 hour

    1. Based on the standards within your organization, select the appropriate project tracking tools to help you track the implementation project.
    2. If you do not have any tools or wish to change them, please see leverage Info-Tech’s SoftwareReviews to help you in making your decision.
    3. Consider tooling across a number of different categories:
      1. Requirements Management
      2. Project Management
      3. Reporting and Analytics
    4. Record the project tracking tools in section 3.3 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your project follow-up kit
    • Your project follow-up kit tools

    Materials

    Participants

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Example: project tools

    Table listing project tools by type, use, and products available.

    Step 3.3

    Define a follow-up process

    Activities

    3.3.1 Define project progress communication

    3.3.2 Create a change request process

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Steps to create your follow-up process

    Project status updates should occur throughout the implementation

    Project status updates can be both formal and informal. Formal status updates provide a standardized means of disseminating information on project progress. It is the lifeblood of project management: Accurate and up-to-date status reporting enables your project manager to ensure that your project can continue to use the resources needed.

    Informal status updates are done over coffee with key stakeholders to address their concerns and discuss key outcomes they want to see. Informal status updates help to build a more personal relationship.

    Ask for feedback during the status update meetings. Use the meeting as an opportunity to align values, goals, and incentives.

    Codify the following considerations:

    • Minimum requirement for a formal status update:
      • Frequency of reporting, as required by the project portfolio
      • Parties to be consulted and informed
      • Recording, producing, and archiving meeting minutes, both formal and informal
    • Procedure for follow-up on feedback generated from status updates:
      • Filing change requests
      • Keeping the change requester/relevant stakeholders in the loop

    3.3.1 Define project progress communication

    0.5-1 hour

    1. Provide a standardized means of disseminating information on project progress.
    2. Create an accurate and up-to-date status report to help keep team engaged and leadership supporting the project.
    3. Record the project progress communication in section 3.5 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your project follow-up process
    • Your project progress communication

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Project progress communication

    Example

    Example table of project progress communication. Audience, purpose, delivery/format, communicator, delivery date, and status/notes.

    Manage project scope changes

    1. Change in project scope is unpredictable and almost inevitable regardless of project size. If changes are not properly managed, the project runs the risk of scope creep and loss of progress. Therefore, changes need to be monitored and controlled.
    2. Scope change can be initiated voluntarily by the project sponsor or other stakeholders, or it could be a mandatory reaction to changing project process.
    3. Scope change may also take place due to internal factors such as a stakeholder requiring more extensive insights or external factors such as changing market conditions.
    4. Scope changes have the potential to affect project outcomes either positively or negatively, depending on how the change is managed and implemented. The project manager should take care to maintain focus on the project’s ultimate objectives; consideration needs to be given as to what to do and what to give up.
    5. If changes arise, project managers should ensure that adequate resources and actions are provided so the project can be completed on time and on budget.
    • The project manager needs to use both hard and soft skills: analytical skills for evaluating and quantifying the impact of potential changes and communication skills for communicating and negotiating with stakeholders.
    • Build trust and credibility by taking an evidence-based approach when presenting changes. This gives you room to respectfully push back on certain changes.
    • Assess changes before crossing them off the list, but don’t be afraid to say no. Greater care must be taken when there is very limited budgetary freedom or when scope changes will interfere with the critical path.
    • All change requests must be received by the project manager first so they can make sure that IT project resources are not approached with multiple ad hoc change requests.

    Document your process to manage project change requests

    1 Initial assessment

    Using the scope statement as the reference point:

    • Why do we need the change?
    • Is the change necessary?
    • What is the business value that the change brings to the project?

    Recommend alternative solutions that are easier to implement while consulting the requester.

    2 Minor change

    If the change has been classified as minor, the project manager and the project team can tackle it directly, since it doesn’t affect project budget or schedule in a significant way. Ensure that the change is documented.

    3 conduct an in-depth assessment

    The project manager should bring major changes to the attention of the project sponsor and carry out a detailed assessment of the change and its impact.

    Additional time and resources are required to do the in-depth assessment because the impact on the project can be complex and affect requirements, resources, budget, and schedule.

    4 Obtain approval from the governing body

    Present the results to the governing body. Since a major change significantly affects the project baseline beyond the authorized contingency, it is the responsibility of the governing body to either approve the change with allocation of additional resources or reject the change and maintain course.

    Flow chart to document your process to manage project change requests.

    For further discussion on change requests, use Info-Tech’s blueprint, Begin Your Projects With the End in Mind

    3.3.2 Create a change request process

    0.5-1 hour

    1. Identify any existing processes that you have for addressing changes for projects.
    2. Discuss whether or not the current change request process will suit the project at hand.
    3. Define the agreed-to change request process that fits your organization’s culture.
    4. For a change request template, you can leverage, refer to section 3.6 of Info-Tech’s Your Enterprise Application Implementation Playbook.
    5. Make any changes to the template as necessary.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your project scope
    • Your change request

    Materials

    Participants

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    3.3.2 Create a change request process (Continued)

    Example of a change request process form.

    Step 3.4

    Understand what's next

    Activities

    3.4.1 Run a “lessons learned” session for continuous improvement

    3.4.2 Prepare a closure document for sign-off

    3.4.3 Document optimization and future release opportunities

    This step involves the following participants:

    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Outcomes of this step

    Lessons learned throughout the project-guiding

    Good project planning is key to smooth project closing

    Begin with the end in mind. Without a clear scope statement and criteria for acceptance, it’s anyone’s guess when or how a project will end.

    During the closing process, the project manager should use planning and execution documents, such as the project charter and the scope statement, to assess project completeness and obtain sign-off based on the acceptance criteria.

    Project completion criteria should be clearly defined. For example, the project is defined as finished when costs are in, vendor receipts are received, financials are reviewed and approved, etc.

    However, there are other steps to be taken after completing the project deliverables. These activities include:

    • Transferring project knowledge and operations to support
    • Completing user training
    • Obtaining business sign-off and acceptance
    • Releasing resources
    • Conducting post-mortem meeting
    • Archiving project assets

    The project manager needs to complete all project management processes, including:

    • Risk management (close out risk assessment and action plan)
    • Quality management (test the final deliverables against acceptance criteria)
    • Stakeholder management (decision log, close out issues, plan and assign owners for resolutions of open issues)
    • Project team management (performance evaluation for team members as well as the project manager)

    3.4.1 Define the process for lessons learned

    0.5-1 hour

    1. Determine the reporting frequency for lessons learned.
    2. Consider attributing lessons learned to project phases.
    3. Coordinate lessons learned check-ins with project milestones to review and reflect.
    4. At each reporting session, the project team should identify challenges and successes informally.
    5. The PM and the PMO should transform the reports from each team member into formalized lessons.
    6. Record lessons learned for each project in section 3.7 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your project's lessons learned

    Materials

    Participants

    • Project Lessons Learned Template
    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Lessons learned

    Example

    Form: Project successes, notes, areas of imporvement, impact, solution.

    Watch for these potential problems with project closure

    Don’t leave the door open for stakeholder dissatisfaction. Properly close out your projects.

    Potential problems with project closure.

    For further information on project closure issues, use Info-Tech’s blueprint, Get Started With Project Management Excellence.

    3.4.2 Prepare a closure document for sign-off

    0.5-1 hour

    1. Create a realistic closure and transition process that gains sign-off from the sponsor.
    2. Prepare a project closure checklist.
    3. Transfer accountability to operations, release project resources, and avoid disrupting other projects that are trying to get started.
    4. Record the project closure document in section 3.8 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your project objectives
    • Your project scope
    • Your project's closure checklist

    Materials

    Participants

    • Project closure checklist Template
    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Closure checklist

    Project closure checklist. project management checklist, deliverables, goals, benefits, outstanding action items and issues, handover of technical documents, knowledge transfer, sign-off.

    For further information on closure procedures, use Info-Tech’s blueprint, Begin Your Projects With the End in Mind.

    3.4.3 Document optimization and future release opportunities

    0.5-1 hour

    Consider the future opportunities for improvement post-release:

    1. Product and vendor satisfaction opportunities
    2. Capability and feature optimization opportunities
    3. Process optimization opportunities
    4. Integration optimization opportunities
    5. Data optimization opportunities
    6. Cost-saving opportunities
    7. Record optimization and future release opportunities in section 3.9 of Info-Tech’s Your Enterprise Application Implementation Playbook.

    Download

    Your Enterprise Application Implementation Playbook.

    Input

    Output

    • Your project objectives
    • Your project scope
    • Your optimization opportunities list

    Materials

    Participants

    • Whiteboard/flip charts
    • Your Enterprise Application Implementation Playbook.
    • Project team
    • Operations
    • SMEs
    • Team lead and facilitators
    • IT leaders

    Optimization opportunities

    Example

    Optimization types and opportunities.

    Related Info-Tech Research

    Build upon your foundations

    Build an ERP Strategy and Roadmap

    • A business-led, top-management-supported initiative partnered with IT has the greatest chance of success. This blueprint provides business and IT the methodology for getting the right level of detail for the business processes that the ERP supports thus avoiding getting lost in the details.

    Governance and Management of Enterprise Software Implementation

    • Implementing enterprise software is hard. You need a framework that will greatly improve your chance of success. Traditional Waterfall project implementations have a demonstrated a low success rate for on-time, on-budget delivery.

    Select and Implement a Human Resource Information System

    • Your organization is in the midst of a selection and implementation process for a human resource information system (HRIS), and there is a need to disambiguate the market and arrive at a shortlist of vendors.

    Select and Implement an ERP Solution

    • Selecting and implementing an ERP is one of the most expensive and time-consuming technology transformations an organization can undertake. ERP projects are notorious for time and budget overruns, with only a margin of the anticipated benefits being realized.

    Right-Size Your Project Risk Investment

    • Avoid the all-or-nothing mindset; even modest investments in risk will provide a return. Learn from and record current and historical risk events so lessons learned can easily be embedded into future projects. Assign someone to own the risk topic and make it their job to keep a relevant menu of risks.

    Related Info-Tech Research

    Build upon your foundations

    Drive Business Value With a Right-Sized Project Gating Process

    • Many organizations have implemented gating as part of their project management process. So, what separates those who are successful from those who are not? For starters, successful gating requires that each gate is treated as an essential audit. That means there need to be clear roles and responsibilities in the framework.

    Master Organizational Change Management Practices

    • Organizational change management (OCM) is often an Achilles’ heel for IT departments and business units, putting projects and programs at risk – especially large, complex, transformational projects.

    Get Started With Project Management Excellence

    • Lack of proper scoping at the beginning of the project leads to constant rescoping, rescheduling, and budget overruns.

    ERP Requirements Picklist Tool

    • Use this tool to collect ERP requirements in alignment with the major functional areas of ERP. Review the existing set of ERP requirements as a starting point to compiling your organization's requirements.

    Begin Your Projects With the End in Mind

    • Stakeholders are dissatisfied with IT’s inability to meet or even provide consistent, accurate estimates. The business’ trust in IT erodes every time a project is late, lost, or unable to start.

    Get Started With IT Project Portfolio Management

    • Most companies are struggling to get their project work done. This is due in part to the fact that many prescribed remedies are confusing, disruptive, costly, or ineffective.

    Bibliography

    7 Shocking Project Management Statistics and Lessons We Should Learn.” TeamGantt, Jan. 2017.

    Akrong, Godwin Banafo, et al. "Overcoming the Challenges of Enterprise Resource Planning (ERP): A Systematic Review Approach." IJEIS vol.18, no.1 2022: pp.1-41.

    Andriole, S. “Why No One Can Manage Projects, Especially Technology Projects.” Forbes, 1 Dec. 2020.

    Andriole, Steve. “Why No One Can Manage Projects, Especially Technology Projects.” Forbes, 1 Dec. 2020.

    Beeson, K. “ERP Implementation Plan (ERP Implementation Process Guide).” ERP Focus, 8 Aug. 2022.

    Biel, Justin. “60 Critical ERP Statistics: 2022 Market Trends, Data and Analysis.” Oracle Netsuite, 12 July 2022.

    Bloch, Michael, et al. “Delivering Large-Scale IT Projects on Time, on Budget, and on Value.” McKinsey & Company, 2012.

    Buverud, Heidi. ERP System Implementation: How Top Managers' Involvement in a Change Project Matters. 2019. Norwegian School of Economics, Ph.D. thesis.

    Carlton, R. “Four ERP Implementation Case Studies You Can Learn From.” ERP Focus, 15 July 2015.

    Gopinath, S. Project Management in the Emerging World of Disruption. PMI India Research and Academic Conference 2019. Kozhikode Publishers.

    Grabis, J. “On-Premise or Cloud Enterprise Application Deployment: Fit-Gap Perspective.” Enterprise Information Systems. Edited by Filipe, J., Śmiałek, M., Brodsky, A., Hammoudi, S. ICEIS, 2019.

    Harrin, E. The Definitive Guide to Project Sponsors. RGPM, 13 Dec. 2022.

    Jacobs-Long, Ann. “EPMO’s Can Make A Difference In Your Organization.” 9 May 2012.

    Kotadia, C. “Challenges Involved in Adapting and Implementing an Enterprise Resource Planning (ERP) Systems.” International Journal of Research and Review vol. 7 no. 12 December 2020: 538-548.

    Panorama Consulting Group. "2018 ERP Report." Panorama Consulting Group, 2018. Accessed 12 Oct. 2021.

    Panorama Consulting Group. "2021 ERP Report." Panorama Consulting Group, 2021. Accessed 12 Oct. 2021.

    PM Solutions. (2014). The State of the PMO 2014.

    PMI. Pulse of the Profession. 2017.

    Podeswa, H. “The Business Case for Agile Business Analysis.” Requirements Engineering Magazine, 21 Feb. 2017.

    Project Delivery Performance in Australia. AIPM and KPMG, 2020.

    Prosci. (2020). Prosci 2020 Benchmarking Data from 2007, 2009, 2011, 2013, 2015, 2017, 2019.

    Swartz, M. “End User Adoption and Change Management Process.” Swartz Consulting LLC, 11 July 2022.

    Trammell, H. “28 Important Project Management KPIs (& How To Track Them).” ClearPoint Strategy, 2022.

    “What are Business Requirements?" Requirements.com, 18 Oct. 2018.

    “What Is the Role of a Project Sponsor?” Six Sigma Daily, 18 May 2022.

    “When Will You Think Differently About Programme Delivery?” 4th Global Portfolio and Programme Management Survey. PricewaterhouseCoopers, Sept. 2014.

    Considerations to Optimize Container Management

    • Buy Link or Shortcode: {j2store}499|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Data Center & Facilities Strategy
    • Parent Category Link: /data-center-and-facilities-strategy

    Do you experience challenges with the following:

    • Equipping IT operations processes to manage containers.
    • Choosing the right container technology.
    • Optimizing your infrastructure strategy for containers.

    Our Advice

    Critical Insight

    • Plan ahead to ensure your container strategy aligns with your infrastructure roadmap. Before deciding between bare metal and cloud, understand the different components of a container management solution and plan for current and future infrastructure services.
    • When selecting tools from multiple sources, it is important to understand what each tool should and should not meet. This holistic approach is necessary to avoid gaps and duplication of effort.

    Impact and Result

    Use the reference architecture to plan for the solution you need and want to deploy. Infrastructure planning and strategy optimizes the container image supply chain, uses your current infrastructure, and reduces costs for compute and image scan time.

    Considerations to Optimize Container Management Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Considerations to Optimize Container Management Deck – A document to guide you design your container strategy.

    A document that walks you through the components of a container management solution and helps align your business objectives with your current infrastructure services and plan for your future assets.

    • Considerations to Optimize Container Management Storyboard

    2. Container Reference Architecture – A best-of-breed template to help you build a clear, concise, and compelling strategy document for container management.

    Complete the reference architecture tool to strategize your container management.

    • Container Reference Architecture
    [infographic]

    Further reading

    Considerations to Optimize Container Management

    Design a custom reference architecture that meets your requirements.

    Analyst Perspective

    Containers have become popular as enterprises use DevOps to develop and deploy applications faster. Containers require managed services because the sheer number of containers can become too complex for IT teams to handle. Orchestration platforms like Kubernetes can be complex, requiring management to automatically deploy container-based applications to operating systems and public clouds. IT operations staff need container management skills and training.

    Installing and setting up container orchestration tools can be laborious and error-prone. IT organizations must first implement the right infrastructure setup for containers by having a solid understanding of the scope and scale of containerization projects and developer requirements. IT administrators also need to know how parts of the existing infrastructure connect and communicate to maintain these relationships in a containerized environment. Containers can run on bare metal servers, virtual machines in the cloud, or hybrid configurations, depending on your IT needs

    Nitin Mukesh, Senior Research Analyst, Infrastructure and Operations

    Nitin Mukesh
    Senior Research Analyst, Infrastructure and Operations
    Info-Tech Research Group

    Executive Summary

    Your Challenge Common Obstacles Info-Tech’s Approach

    The container software market is constantly evolving. Organizations must consider many factors to choose the right container management software for their specific needs and fit their future plans.

    It's important to consider your organization's current and future infrastructure strategy and how it fits with your container management strategy. The container management platform you choose should be compatible with the existing network infrastructure and storage capabilities available to your organization.

    IT operations staff have not been thinking the same way as developers who have now been using an agile approach for some time. Container image builds are highly automated and have several dependencies including scheduling, testing, and deployment that the IT staff is not trained for or lack the ability to create anything more than a simple image.

    Use the reference architecture to plan for the solution you need and want to deploy. Infrastructure planning and strategy optimizes the container image supply chain and reduces costs for compute and image scan time.

    Plan ahead to ensure your container strategy aligns with your infrastructure roadmap. Before deciding between bare metal and cloud, understand the different components of a container management solution and plan for current and future infrastructure services.

    Your challenge

    Choosing the right container technology: IT is a rapidly changing and evolving market, with startups and seasoned technology vendors maintaining momentum in everything from container platforms to repositories to orchestration tools. The rapid evolution of container platform components such as orchestration, storage, networking, and system services such as load balancing has made the entire stack a moving target.

    However, waiting for the industry to be standardized can be a recipe for paralysis, and waiting too long to decide on solutions and approaches can put a company's IT operations in catch-up mode.

    Keeping containers secure: Security breaches in containers are almost identical to operating system level breaches in virtual machines in terms of potential application and system vulnerabilities. It is important for any DevOps team working on container and orchestration architecture and management to fully understand the potential vulnerabilities of the platforms they are using.

    Optimize your infrastructure strategy for containers: One of the challenges enterprise IT operations management teams face when it comes to containers is the need to rethink the underlying infrastructure to accommodate the technology. While you may not want to embrace the public cloud for your critical applications just yet, IT operations managers will need an on-premises infrastructure so that applications can scale up and down the same way as they are containerized.

    Common ways organizations use containers

    A Separation of responsibilities
    Containerization provides a clear separation of responsibilities as developers can focus on application logic and dependencies, while IT operations teams can focus on deployment and management instead of application details such as specific software versions and configurations.

    B Workload portability
    Containers can run almost anywhere: physical servers or on-premise data centers on virtual machines or developer machines, as well as public clouds on Linux, Windows, or Mac operating systems, greatly easing development and deployment.

    “Lift and shift” existing applications into a modern cloud architecture. Some organizations even use containers to migrate existing applications to more modern environments. While this approach provides some of the basic benefits of operating system virtualization, it does not provide all the benefits of a modular, container-based application architecture.

    C Application isolation
    Containers virtualize CPU, memory, storage, and network resources at the operating system level, providing developers with a logically isolated view of the operating system from other applications.

    Source: TechTarget, 2021

    What are containers and why should I containerize?

    A container is a partially isolated environment in which an application or parts of an application can run. You can use a single container to run anything from small microservices or software processes to larger applications. Inside the container are all the necessary executable, library, and configuration files. Containers do not contain operating system images. This makes them lighter and more portable with much less overhead. Large application deployments can deploy multiple containers into one or more container clusters (CapitalOne, 2020).

    Containers have the following advantages:

    • Reduce overhead costs: Because containers do not contain operating system images, they require fewer system resources than traditional or hardware virtual machine environments.
    • Enhanced portability: Applications running in containers can be easily deployed on a variety of operating systems and hardware platforms.
    • More consistent operations: DevOps teams know that applications in containers run the same no matter where they are deployed.
    • Efficiency improvement: Containers allow you to deploy, patch, or scale applications faster.
    • Develop better applications: Containers support Agile and DevOps efforts to accelerate development and production cycles.

    Source: CapitalOne, 2020

    Container on the cloud or on-premise?

    On-premises containers Public cloud-based containers

    Advantages:

    • Full control over your container environment.
    • Increased flexibility in networking and storage configurations.
    • Use any version of your chosen tool or container platform.
    • No need to worry about potential compliance issues with data stored in containers.
    • Full control over the host operating system and environment.

    Disadvantages:

    • Lack of easy scalability. This can be especially problematic if you're using containers because you want to be more agile from a DevOps perspective.
    • No turnkey container deployment solution. You must set up and maintain every component of the container stack yourself.

    Advantages:

    • Easy setup and management through platforms such as Amazon Elastic Container Service or Azure Container Service. These products require significant Docker expertise to use but require less installation and configuration than on-premise installations.
    • Integrates with other cloud-based tools for tasks such as monitoring.
    • Running containers in the cloud improves scalability by allowing you to add compute and storage resources as needed.

    Disadvantages:

    • You should almost certainly run containers on virtual machines. That can be a good thing for many people; however, you miss out on some of the potential benefits of running containers on bare metal servers, which can be easily done.
    • You lose control. To build a container stack, you must use the orchestrator provided by your cloud host or underlying operating system.

    Info-Tech Insight
    Start-ups and small businesses that don't typically need to be closely connected to hardware can easily move (or start) to the cloud. Large (e.g. enterprise-class) companies and companies that need to manage and control local hardware resources are more likely to prefer an on-premises infrastructure. For enterprises, on-premises container deployments can serve as a bridge to full public cloud deployments or hybrid private/public deployments. The answer to the question of public cloud versus on premises depends on the specific needs of your business.

    Container management

    From container labeling that identifies workloads and ownership to effective reporting that meets the needs of different stakeholders across the organization, it is important that organizations establish an effective framework for container management.

    Four key considerations for your container management strategy:

    01 Container Image Supply Chain
    How containers are built

    02 Container Infrastructure and Orchestration
    Where and how containers run together

    03 Container Runtime Security and Policy Enforcement
    How to make sure your containers only do what you want them to do

    04 Container Observability
    Runtime metrics and debugging

    To effectively understand container management solutions, it is useful to define the various components that make up a container management strategy.

    1: Container image supply chain

    To run a workload as a container, it must first be packaged into a container image. The image supply chain includes all libraries or components that make up a containerized application. This includes CI/CD tools to test and package code into container images, application security testing tools to check for vulnerabilities and logic errors, registries and mirroring tools for hosting container images, and attribution mechanisms such as image signatures for validating images in registries.

    Important functions of the supply chain include the ability to:

    • Scan container images in registries for security issues and policy compliance.
    • Verify in-use image hashes have been scanned and authorized.
    • Mirror images from public registries to isolate yourself from outages in these services.
    • Attributing images to the team that created them.

    Source: Rancher, 2022

    Info-Tech Insight
    It is important to consider disaster recovery for your image registry. As mentioned above, it is wise to isolate yourself from registry disruptions. However, external registry mirroring is only one part of the equation. You also want to make sure you have a high availability plan for your internal registry as well as proper backup and recovery processes. A highly available, fault-tolerant container management platform is not just a runtime environment.

    2: Container infrastructure and orchestration

    Orchestration tools

    Once you have a container image to run, you need a location to run it. That means both the computer the container runs on and the software that schedules it to run. If you're working with a few containers, you can make manual decisions about where to run container images, what to run with container images, and how best to manage storage and network connectivity. However, at scale, these kinds of decisions should be left to orchestration tools like Kubernetes, Swarm, or Mesos. These platforms can receive workload execution requests, determine where to run based on resource requirements and constraints, and then actually launch that workload on its target. And if a workload fails or resources are low, it can be restarted or moved as needed.

    Source: DevOpsCube, 2022

    Storage

    Storage is another important consideration. This includes both the storage used by the operating system and the storage used by the container itself. First, you need to consider the type of storage you actually need. Can I outsource my storage concerns to a cloud provider using something like Amazon Relational Database Service instead? If not, do you really need block storage (e.g. disk) or can an external object store like AWS S3 meet your needs? If your external object storage service can meet your performance and durability requirements as well as your governance and compliance needs, you're in luck. You may not have to worry about managing the container's persistent storage. Many external storage services can be provisioned on demand, support discrete snapshots, and some even allow dynamic scaling on demand.

    Networking

    Network connectivity inside and outside the containerized environment is also very important. For example, Kubernetes supports a variety of container networking interfaces (CNIs), each providing different functionality. Questions to consider here are whether you can set traffic control policies (and the OSI layer), how to handle encryption between workloads and between workloads and external entities, and how to manage traffic import for containerized workloads. The impact of these decisions also plays a role on performance.

    Backups

    Backups are still an important task in containerized environments, but the backup target is changing slightly. An immutable, read-only container file system can be recreated very easily from the original container image and does not need to be backed up. Backups or snapshots on permanent storage should still be considered. If you are using a cloud provider, you should also consider fault domain and geo-recovery scenarios depending on the provider's capabilities. For example, if you're using AWS, you can use S3 replication to ensure that EBS snapshots can be restored in another region in case of a full region outage.

    3: Container runtime security and policy enforcement

    Ensuring that containers run in a place that meets the resource requirements and constraints set for them is necessary, but not sufficient. It is equally important that your container management solution performs continuous validation and ensures that your workloads comply with all security and other policy requirements of your organization. Runtime security and policy enforcement tools include a function for detecting vulnerabilities in running containers, handling detected vulnerabilities, ensuring that workloads are not running with unnecessary or unintended privileges, and ensuring that only other workloads that need to be allowed can connect.

    One of the great benefits of (well implemented) containerized software is reducing the attackable surface of the application. But it doesn't completely remove it. This means you need to think about how to observe running applications to minimize security risks. Scanning as part of the build pipeline is not enough. This is because an image without vulnerabilities at build time can become a vulnerable container because new flaws are discovered in its code or support libraries. Instead, some modern tools focus on detecting unusual behavior at the system call level. As these types of tools mature, they can make a real difference to your workload’s security because they rely on actual observed behavior rather than up-to-date signature files.

    4: Container observability

    What’s going on in there?

    Finally, if your container images are being run somewhere by orchestration tools and well managed by security and policy enforcement tools, you need to know what your containers are doing and how well they are doing it. Orchestration tools will likely have their own logs and metrics, as will networking layers, and security and compliance checking tools; there is a lot to understand in a containerized environment. Container observability covers logging and metrics collection for both your workloads and the tools that run them.

    One very important element of observability is the importance of externalizing logs and metrics in a containerized environment. Containers come and go, and in many cases the nodes running on them also come and go, so relying on local storage is not recommended.

    The importance of a container management strategy

    A container management platform typically consists of a variety of tools from multiple sources. Some container management software vendors or container management services attempt to address all four key components of effective container management. However, many organizations already have tools that provide at least some of the features they need and don't want to waste existing licenses or make significant changes to their entire infrastructure just to run containers.

    When choosing tools from multiple sources, it's important to understand what needs each tool meets and what it doesn't. This holistic approach is necessary to avoid gaps and duplication of effort.

    For example, scanning an image as part of the build pipeline and then rescanning the image while the container is running is a waste of CPU cycles in the runtime environment. Similarly, using orchestration tools and separate host-based agents to aggregate logs or metrics can waste CPU cycles as well as storage and network resources.

    Planning a container management strategy

    1 DIY, Managed Services, or Packaged Products
    Developer satisfaction is important, but it's also wise to consider the team running the container management software. Migrating from bare metal or virtual machine-based deployment methodologies to containers can involve a significant learning curve, so it's a good idea to choose a tool that will help smooth this curve.
    2 Kubernetes
    In the world of container management, Kubernetes is fast becoming the de facto standard for container orchestration and scheduling. Most of the products that address the other aspects of container management discussed in this post (image supply chain, runtime security and policy enforcement, observability) integrate easily with Kubernetes. Kubernetes is open-source software and using it is possible if your team has the technical skills and the desire to implement it themselves. However, that doesn't mean you should automatically opt to build yourself.
    3 Managed Kubernetes
    Kubernetes is difficult to implement well. As a result, many solution providers offer packaged products or managed services to facilitate Kubernetes adoption. All major cloud providers now offer Kubernetes services that reduce the operational burden on your teams. Organizations that have invested heavily in the ecosystem of a particular cloud provider may find this route suitable. Other organizations may be able to find a fully managed service that provides container images and lets the service provider worry about running the images which, depending on the cost and capacity of the organization, may be the best option.
    4 Third-Party Orchestration Products
    A third approach is packaged products from providers that can be installed on the infrastructure (cloud or otherwise). These products can offer several potential advantages over DIY or cloud provider offerings, such as access to additional configuration options or cluster components, enhanced functionality, implementation assistance and training, post-installation product support, and reduced risk of cloud provider lock-in.

    Source: Kubernetes, 2022; Rancher, 2022

    Infrastructure considerations

    It's important to describe your organization’s current and future infrastructure strategy and how it fits into your container management strategy. It’s all basic for now, but if you plan to move to a virtual machine or cloud provider next year, your container management solution should be able to adapt to your environment now and in the future. Similarly, if you’ve already chosen a public cloud, you may want to make sure that the tool you choose supports some of the cloud options, but full compatibility may not be an important feature.

    Infrastructure considerations extend beyond computing. Choosing a container management platform should be compatible with the existing network infrastructure and storage capacity available to your organization. If you have existing policy enforcement, monitoring, and alerting tools, the ideal solution should be able to take advantage of them. Moving to containers can be a game changer for developers and operations teams, so continuing to use existing tools to reduce complexity where possible can save time and money.

    Leverage the reference architecture to guide your container management strategy

    Questions for support transition

    Using the examples as a guide, complete the tool to strategize your container management

    Download the Reference Architecture

    Bibliography

    Mell, Emily. “What is container management and why is it important?” TechTarget, April 2021.
    https://www.techtarget.com/searchitoperations/definition/container-management-software#:~:text=A%20container%20management%20ecosystem%20automates,operator%20to%20keep%20up%20with

    Conrad, John. “What is Container Orchestration?” CapitalOne, 24 August 2020.
    https://www.capitalone.com/tech/cloud/what-is-container-orchestration/?v=1673357442624

    Kubernetes. “Cluster Networking.” Kubernetes, 2022.
    https://kubernetes.io/docs/concepts/cluster-administration/networking/

    Rancher. “Comparing Kubernetes CNI Providers: Flannel, Calico, Canal, and Weave.” Rancher, 2022.
    https://www.suse.com/c/rancher_blog/comparing-kubernetes-cni-providers-flannel-calico-canal-and-weave/

    Wilson, Bob. “16 Best Container Orchestration Tools and Services.” DevopsCube, 5 January 2022.
    https://devopscube.com/docker-container-clustering-tools/

    Build an ITSM Tool Implementation Plan

    • Buy Link or Shortcode: {j2store}486|cart{/j2store}
    • member rating overall impact (scale of 10): 7.5/10 Overall Impact
    • member rating average dollars saved: $9,246 Average $ Saved
    • member rating average days saved: 7 Average Days Saved
    • Parent Category Name: Service Desk
    • Parent Category Link: /service-desk
    • Selecting the Wrong Resources: You need ITSM technology and process experts, because this is not just a technology project, but also a process improvement opportunity.
    • Over-Reliance on the Vendor to Optimize Your Tool: Yes, the vendor will typically install and set up the tool, but they will not fix your processes for you.
    • Not Preparing for Data Migration: Data migration is complex. You need to determine what data to migrate, if any, and how that data will be mapped to the new environment.
    • Insufficient IT and End-User Training: A link to the ITSM tool manual is not enough. Staff and users need training on how your processes will be executed in the new tool.

    Our Advice

    Critical Insight

    • Start with the assumption you don’t need to migrate old data.
    • ITSM tools are designed to support ITIL best practices.
    • Implement your new tool in stages to manage scope.

    Impact and Result

    • Ability to plan and scope the project to avoid or reduce last-minute chaos.
    • Opportunity to review and optimize processes as part of the ITSM tool implementation project.
    • Improved project management, and therefore, better cost and effort estimates, by identifying required tasks upfront.

    Build an ITSM Tool Implementation Plan Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build an ITSM Tool Implementation Plan Deck – An implementation guide that walks you through the steps to ensure the tool delivers business value.

    There may be hundreds of parameters to define and decisions to make, so identifying the full list of tasks early is critical for the success of the implementation project.

    • Build an ITSM Tool Implementation Plan – Phases 1-3

    2. ITSM Tool Project Charter Template – A charter to document your project scope, milestones, stakeholders, risks etc. to kick-off and manage your project.

    This project charter document summarizes the Project Overview (Description, background, drivers, and objectives), Governance and Management (Project stakeholders/roles, budget, and dependencies), and Risk, Assumptions, and Constraints (Known and potential risks and mitigation strategy).

    • ITSM Tool Implementation Project Charter Template

    3. ITSM Tool Implementation Checklist – A tool to help identify the most common decisions you will need to make and prepare for your implementation project.

    The checklists in this tool identify the most common decisions and preparation you will need to make to support the implementation for the ITSM modules that we recommend are set up first: incident management and service requests; change management; and asset management. Use these checklists as a model to follow for any additional ITSM modules you plan to implement, and refer to Info-Tech's blueprints for each service management topic for additional guidance.

    • ITSM Tool Implementation Checklist

    4. ITSM Tool Deployment Plan Template – A tool to help prioritize and prepare for tool rollout plan.

    This deployment plan documents the strategy and decisions made for making the transition to the new ITSM tool, and the details to execute the cutover to a live environment, including how, when, where.

    • ITSM Tool Deployment Plan Template

    5. ITSM Tool Training Schedule – Use the tool to create your new tool training roadmap.

    This template is a guide for creating a training and communication plan as part of the implementation project for your ITSM tool. Use the template to document and plan the communications and training needs prior to deployment of the new tool.

    • ITSM Tool Training Schedule

    Infographic

    Further reading

    Build an ITSM Tool Implementation Plan

    Plan ahead with a step-by-step approach to ensure the tool delivers business value.

    EXECUTIVE BRIEF

    Analyst perspective

    Take control of the wheel or you might end up in a ditch.

    The image contains a picture of Frank Trovato.

    An ITSM tool implementation is a complex project with direct impact on IT’s ability to support the business. With that level of risk, you need to take control early on.

    Yes, your vendor will support or execute the technical implementation, but they depend on you to tell them how to configure ITSM parameters and workflows that affect user interface, the ability to manage incidents, and governance over assets and IT changes.

    If you leave the configuration completely to the vendor, at best you might get the same setup as in your old tool (and not realize the benefits that leadership is expecting). At worst you end up with default values that don’t fit your process needs, i.e., confusion and not realizing expected benefits.

    A successful implementation requires early planning from a wide range of resources including ITSM tool experts (supported by the vendor), process experts, and a project manager to methodically step through the hundreds of parameters you will need to define before implementation.

    Frank Trovato
    Research Director, Infrastructure and Operations
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Common Obstacles

    Info-Tech’s Approach

    Leadership has invested significantly in a new ITSM tool and expects to see the benefits they were promised by the vendor and the procurement team.

    The ITSM project team needs to balance leadership expectations with the direct impact this project will have on IT staff and end users.

    Implementing an ITSM tool is a large project that is often highly complex in part because it requires input from a wide range of stakeholders: IT staff, end users, senior management, and vendors.

    A new ITSM tool will change how IT staff work and how users are serviced, and change is always difficult.

    Finally, implementing the new tool requires a migration from an existing tool without a pause in IT service availability. Incidents don’t take a week off while you execute the final product rollout.

    There may be hundreds of parameters to define and decisions to make, so identifying the full list of tasks early is critical to:

    • Identify the necessary stakeholders to provide input into implementation decisions.
    • Properly define scope and timelines.
    • Take advantage of the opportunity to review and improve processes as part of defining what will need to be configured in the new ITSM tool.

    Info-Tech Insight

    As with any large project, a key step is tackling it one bite at a time – but also understanding the size of the whole meal. This is where organizations often fail with ITSM implementations: not understanding upfront the volume of work required for a successful implementation.

    Your Challenge

    Organizations implementing a new ITSM tool often face these pitfalls:

    • Selecting the Wrong Resources: You need ITSM technology and process experts, because this is not just a technology project but also a process improvement opportunity. You will need to configure ITSM parameters and workflows in the new tool – which directly affects processes. Take advantage of that opportunity to fix pain points. For example, if your existing ticket categories are not effective, implement a better categorization scheme rather than just configure the same old, ineffective scheme.
    • Over-Reliance on the Vendor to Optimize Your Tool: Yes, the vendor will typically install and set up the tool but they will not fix your processes for you. On installation day, if you are not prepared with the categories, ticket templates, and so on that you wish to configure, your vendor will just go with the default or migrate your old parameters from your old ITSM tool.
    • Not Preparing for Data Migration: Data migration is complex. You need to determine what data to migrate, if any, and how that data will be mapped to the new environment. That takes planning and must be defined well before the vendor is ready to implement your tool.
    • Insufficient IT and End-User Training: A link to the ITSM tool manual is not enough. Staff and users need training on how your processes will be executed in the new tool.

    A survey of implementation challenges for ServiceNow’s customers

    26% Resistance to change

    43% Lacked a clear roadmap

    38% Planning for resources

    Source: Acorio, 2019

    Info-Tech’s approach

    Divide the implementation project into controllable phases for an effective implementation.

    Plan

    Define the scope of your project, identify and get buy-in from your stakeholders, and establish a timeframe for the implementation.

    Design & Build

    Identify existing process challenges and design workflows and ticket management to improve processes. Make decisions on data migrations and integrations for your new tool.

    Deploy & Train

    Create a rollout plan and communicate changes and improvements to users. Plan for the new tool deployment and monitor your solution.

    STOP: Use this blueprint after you have selected an ITSM solution

    Leverage our SoftwareReviews service and related blueprints to assist with ITSM tool selection, and then use this blueprint to plan the implementation.

    1. Evaluate solutions

    2. Select and purchase

    3. Implement (use this blueprint)

    Use our SoftwareReviews resources to evaluate solutions and vendors based on criteria such as features and customer service. Below are links to our ITSM software reviews:

    Use the following resources to help you make the case for funding and execute the purchase process:

    Your ITSM vendor or systems integrator will lead the technical implementation (e.g. software install and integration).

    As a result, your implementation plan needs to focus on preparing the information needed for implementation (e.g. ticket categories, workflow requirements) and organizational change management.

    This blueprint provides a methodology, checklist, and supporting templates to prepare for the implementation.

    Info-Tech’s methodology to build an ITSM Tool Implementation Plan

    1. Identify Scope, Stakeholders, and Preliminary Timeline

    2. Prepare to Implement Incident Management and Service Request Modules

    3. Create a Deployment Plan (Communication, Training, Rollout)

    Phase Steps

    1.1 Document define scope

    1.2 Define roles and responsibilities

    1.3 Identify preliminary timeline

    2.1 Review your existing solution and challenges

    2.2 Plan ticket management and workflow implementation

    2.3 Plan data migration, knowledgebase setup, and integrations

    2.4 Plan the module rollout

    3.1 Create a communication plan (for IT, users, and business leaders)

    3.2 Create a training plan

    3.3 Plan how you will deploy, monitor, and maintain the solution

    Phase Outcomes

    • RACI chart outlining high-level accountability and responsibilities for the project
    • Documenting timeline and team for the implementation project
    • ITSM tool implementation checklist
    • Strategy and identified opportunities to implement incident and service request modules
    • Documented communications and targeted training plan
    • Completed rollout plan and prepared to monitor your success metrics

    Insight summary

    Start with the assumption you don’t need to migrate old data

    ITSM tools are designed to support ITIL best practices

    Implement your new tool in stages to manage scope

    We all love data. We love being able to run reports showing trends, measuring changes over time, and highlighting pain points – but is your data from five years ago relevant to those assessments? Can you get by with just migrating open tickets and perhaps just the last year of critical tickets?

    Be ruthless in deciding what really needs to be in your active system to support incident matching, troubleshooting, or ongoing reporting.

    If you can’t make a strong case, don’t waste your time on old data. Remember, you can still save an exported copy or report of your old data if the need arises to search historical records.

    For organizations lacking process maturity, the tool’s default settings will often provide a good starting point. For example, a good ITSM tool will typically already be configured to follow best practices such as:

    • Separating incidents from service requests
    • Assigning resolution codes to solved tickets
    • Enabling routing based on categories

    Within those defaults, you will still need to decide your specific parameters – e.g. what your categories and resolution codes should be – so don’t blindly follow default settings but use them as a starting point.

    Start with the incident management and service requests modules. Those are typically the core of IT service management operations, so that should help realize benefits from the new tool sooner. In addition, incident management and service requests processes will support other ITSM processes such as asset management and problem management.

    Once those modules are implemented successfully (from a technology and process perspective), then start to implement your next core module (e.g. asset or change management), and continue to build from there.

    Blueprint deliverables

    This blueprint includes tools and templates to help you accomplish your goals:

    ITSM Tool Implementation Checklist

    Identify the most common decisions you will need to make and prepare for your implementation project.

    ITSM Tool Project Charter Template

    Review and edit the template to suit your project requirements

    The image contains a screenshot of the ITSM Tool Project Charter Template.
    The image contains screenshots of the ITSM Tool Implementation Checklist.

    ITSM Tool Deployment Plan Template

    Prioritize and prepare tool rollout plan

    The image contains a screenshot of the ITSM Tool Deployment Plan Template.

    ITSM Tool Training Schedule

    Use the checklist to create your new tool training roadmap

    The image contains a screenshot of the ITSM Tool Training Schedule.

    Blueprint benefits

    Benefits for IT

    Benefits for the business

    • Checklists and templates to support a smoother transition to the new ITSM tool.
    • Opportunity to review and optimize processes as part of the ITSM tool implementation project. A new tool with the same old processes will not achieve expected benefits.
    • Ability to plan and scope the project to avoid or reduce last-minute chaos.
    • Better planning means better results – specifically, ensuring that the implementation takes into account targeted business benefits.
    • Improved project management, and therefore better cost and effort estimates, by identifying required tasks upfront. This also provides the opportunity to re-scope or adjust timelines based on estimated effort.
    • Higher end-user satisfaction by executing a well-organized ITSM tool implementation.

    Measured value from using this blueprint

    Use this guide as an example to calculate your total cost savings from the ITSM tool implementation project.

    Phase 1

    Identify Scope, Stakeholders, and Preliminary Timeline

    Time, value, and resources saved by using Info-Tech’s methodology to define scope and plan your project

    E.g. 2 FTEs * 6 days * $80,000/year = $4,000/-

    Phase 2

    Prepare to Implement Incident Management and Service Request Modules

    Time, value, and resources saved by using Info-Tech’s methodology to build your solution strategy and determine configurations

    E.g. 2 FTEs * 8 days * $80,000/year = $5,400/-

    Phase 3

    Create a Deployment Plan (Communication, Training, Rollout)

    Time, value, and resources saved by using Info-Tech’s methodology to establish an effective communications roadmap and deploy tool

    E.g. 2 FTEs * 6 days * $80,000/year = $4,000/-

    Total Savings

    Total Savings

    Phase 1 + Phase 2 + Phase 3 = $13,400

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit Guided Implementation Workshop Consulting
    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.” “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.” “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    Phase 1 Phase 2 Phase 3

    Call #1: Define scope, roles, responsibilities and timeline.

    Call #2: Review your existing solution and challenges.

    Call #3: Plan ticket management and workflow implementation.

    Call #4: Plan data migration, knowledgebase setup, and integrations.

    Call #5: Plan the module rollout.

    Call #6: Create a communication plan.

    Call #7: Create a training plan.

    Call #8: Plan how you will deploy, monitor, and maintain the solution.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization. A typical GI is between 6 to 8 calls over the course of 3 to 6 months.

    Phase 1

    Identify Stakeholders, Scope, and Preliminary Timeline

    Phase 1 Phase 2 Phase 3

    Identify Stakeholders, Scope, and Preliminary Timeline

    Prepare to Implement Incident Management and Service Request Modules

    Create a Deployment Plan (Communication, Training, Rollout)

    This phase will walk you through the following steps:

    1. Define scope
    2. Define roles and responsibilities
    3. Identify preliminary timeline

    Step 1.1

    Define scope

    Activities

    1.1.1

    Use the Project Charter Template to capture project parameters

    1.1.2

    Leverage the Implementation Checklist to guide your preparation

    1.1.3

    Review goals that drove the ITSM tool purchase

    1.1.4

    Interview ITSM staff to identify current tool challenges and support organizational change management

    1.1.5

    Identify the modules and features you will plan to implement

    1.1.6

    Determine if data migration is required

    This step will walk you through the following activities:

    • Define the scope of the implementation project
    • Establish the future processes and functionalities the tool will support

    This step involves the following participants:

    • CIO
    • IT Director/Manager
    • Service Manager
    • Project Manager and the project team

    Outcomes of this step

    • Specifying the implementation project
    • Identifying the business units that are needed to support the project
    • Defining the ongoing and future service management processes the tool will support

    1.1.1 Use the Project Charter Template to capture scope, stakeholders, and timeline as outlined in Phase 1

    Follow the instructions in Phase 1 (step 1.1, 1.2, and 1.3) to gather information needed to create a project charter to define project parameters.

    Specific subsections are listed below and described in more detail in the remainder of this phase.

    1. Project Overview: Includes deliverables, scope, milestones, and success metrics.
    2. Governance and Management: Includes roles, responsibilities, and resource requirements.
    3. Project Risks, Assumptions, and Constraints: Includes risks and mitigation strategies as well as any assumptions and constraints.
    4. Project Sign-Off: Includes IT and executive sign-off (if required).

    The image contains a screenshot of the Project Charter Template.

    Download the ITSM Tool Implementation Project Charter Template

    1.1.2 Leverage the Implementation Checklist to guide your preparation

    The checklist tabs align to each phase of this blueprint.

    • Phase 1 (Tab 1) – Identify Stakeholders, Scope, and Preliminary Timeline
    • Phase 2 (Tab 2) – Prepare to Implement Incident Management and Service Request Modules
    • Phase 3 (Tabs 3+4) – Prepare to Implement Additional ITSM Modules (e.g. Change Management)
    • Phase 4 (deployment section in each tab) – Create a Deployment Plan (Communication, Training, Rollout)

    The image contains screenshots from the Implementation Checklist.

    Download the ITSM Tool Implementation Checklist

    1.1.3 Review goals that drove the ITSM tool purchase

    Identify the triggers for the selection and implementation of your new ITSM tool.

    Whether this is your first ITSM tool or a replacement for your old tool, the project was likely triggered by pain points that must be addressed by the new tool to improve your service desk. Having a clear understanding of these pain points throughout the implementation of your new tool will help to prevent them from reoccurring.

    Common ITSM pain points include:

    1. Poor communication with end users on ticket status.
    2. Lack of SLA automation to escalate issues to the appropriate channels.
    3. Poor self-service options for end users to perform simple requests on their own.
    4. Undeveloped knowledgebase for users to find answers to common issues.
    5. Lack of reporting or mistrust in reporting data.
    6. Lack of automation, including ticket templates.
    7. Overcomplicated ticket categories resulting in categories being misused.
    8. Overconfiguration prevents future upgrades.
    9. Lack of integration with other tools.

    If you haven't already selected an ITSM tool, leverage the IT Service Management Selection Guide to select the right tool.

    Download the IT Service Management Selection Guide

    1.1.4 Plan to interview staff to support organizational change management

    Identify challenges with the existing tool and processes as well as potential objections to the new tool.

    Incorporate this feedback in the implementation to drive buy-in and a successful rollout.

    Implementing a new ITSM tool will force changes in how IT staff do their work:

    • At a minimum, it means learning a new interface.
    • It could also mean leveraging features that improve IT operations but could change the process or tasks for the staff.
    • Their input on the current tool and process challenges can be critical for the project.
    • Solving at least some of their challenges can help bring them onboard to use this tool properly and follow associated process changes.

    Info-Tech Insight

    Keep management in the loop through every stage of the implementation process. They are the ones who are paying for the software, so they need to be informed throughout implementation and feel that their needs and feedback are being heard to prevent pushback further into the implementation.

    1.1.5 Identify the modules and features you will plan to implement

    Consider these factors when deciding what modules and features you want to implement:

    • Specific ITSM modules based on the recommended order and any unique business requirements
    • Key features that drove the tool purchase and address key issues
    • High-level process changes needed to address challenges and realize expected benefits from the new ITSM tool (e.g. if a key goal was automated ticket routing based on categories, then the project needs to include developing a good categorization scheme)

    Recommended order for implementation:

    1. Incident Management and Service Request
    2. This is the core of service management and typically has the highest impact on the organization. Include knowledgebase development as part of this implementation.

    3. Change Management
    4. A foundational component of service management, it allows organizations to minimize disruptions to IT services when making changes to services and critical systems.

    5. Asset Management
    6. A foundational component of service management, it allows organizations to track their assets’ locations, how they are used, and when changes are made to them.

    1.1.6 Determine if data migration is required

    If you are switching from a previous ITSM tool, carefully weigh the pros and cons as well as the necessity of migrating historical transactional data before deciding to import it into the new tool.

    Importing your old transactional data will allow you to track metrics over time, which can be valuable for data analysis and reporting purposes.

    However, ask yourself what the true value of your data is before you import it.

    You will not get value out of migrating the old data if:

    • You have incomplete or inaccurate data (a high percentage of incidents did not have tickets created in the old system).
    • The categorization of your old tickets was not useful or was used inconsistently.
    • You plan on changing the ticket categorization in the new system.

    “Don’t debate whether you can import your old data until you’ve made sure that you should.”

    – Barry Cousins, Practice Lead at Info-Tech Research Group

    Info-Tech Insight

    If you decide to migrate your data, keep in mind that it can be a complex process and proper time should be budgeted for planning, structuring the data, and importing and testing it.

    Step 1.2

    Define roles and responsibilities

    Activities

    1.2.1

    Key internal roles and responsibilities

    1.2.2

    Key external roles and responsibilities

    This step involves the following participants:

    • CIO
    • IT Director/Manager
    • Service Manager
    • Project Manager and the project team

    Outcomes of this step

    • Decision on whether to hire professional services for the implementation
    • Clearly defined roles and responsibilities for the project

    1.2.1 Identify key internal roles and responsibilities

    Review the tasks outlined in the Implementation Checklist to help you identify appropriate roles and specific staff that will be needed to execute this project.

    Project Role

    Description

    RACI

    Assigned To

    Executive Sponsor

    Liaison with the executive team (the CIO would be a good candidate for this role).

    Accountable for project completion.

    Approves resource allocation and funding.

    A, C

    Name(s)

    Project Manager

    Manages the project schedule, tasks, and budget.

    May act as a liaison between executives and the project-level team.

    R

    Name(s)

    Product Owner

    Liaison with the vendor.

    SME for the new tool.

    Provides input to tool configuration decisions.

    Manages the tool post-implementation.

    R

    Name(s)

    Process Owners

    Define current processes.

    Provide input to identifying current-state process challenges to address and potential changes as part of the new tool implementation.

    R

    Name(s)

    Service Desk Manager

    Provides input to tool configuration decisions.

    Manages and trains service desk agents to use new tool and processes.

    R

    Name(s)

    ITSM Tool Core Users (e.g. Service Desk Technicians)

    Provide input to identifying current-state process challenges to address.

    Provide input to tool configuration decisions.

    C

    Name(s)

    RACI = Responsible, Accountable, Consulted, and Informed

    Assign individuals to roles through each step of the implementation project in the governance and management chart in the Project Charter Template.

    Download the Project Charter Template

    1.2.2 Key external roles and responsibilities

    Determine whether you will engage professional services for the implementation.

    There are three main ways to implement your ITSM tool

    Implemented in-house by own staff

    Implemented using a combination of your own staff and your ITSM tool vendor

    Implemented by professional services and your ITSM tool vendor

    DIY Implementation

    Adopting a DIY implementation approach can save money but could draw out your implementation timeline and increase the likelihood of errors. Carefully consider your integration environment to determine your resourcing capabilities and maturity.

    Vendor Implementation

    In most cases, your vendor will support or execute the technical implementation based on your requirements. Use this blueprint to help you define those requirements.

    Professional Services

    Opting for professional services may result in a shorter implementation period and fewer errors but may also deny your IT staff the opportunity to develop the skills necessary to maintain and configure the solution in the future.

    Clarify the role of the professional services vendor before acquiring their services to make sure your expectations are aligned. For example, are you hiring the vendor for tool installation, tool configuration, or tool customization or for training your end users?

    Step 1.3

    Identify preliminary timeline

    Activities

    1.3.1

    Identify preliminary internal target dates

    1.3.2

    Identify target dates for vendor involvement

    This step involves the following participants:

    • CIO
    • IT Director/Manager
    • Service Manager
    • Project Manager and the project team

    Outcomes of this step

    • Specifying the target dates for the implementation project

    1.3.1 Identify preliminary internal target dates

    Identify high-level start and end dates based on the following:

    • Existing process maturity
    • Process changes required (to address process issues or to realize targeted benefits from the new tool)
    • Data migration requirements (if any)
    • Information to prepare for the implementation (review the Checklist Tool)
    • Vendor availability to support implementation
    • Executive mandates that have established specific milestone dates

    Create an initial project schedule:

    • Review the remaining phases of this blueprint for more details on the implementation planning steps.
    • Review and update the Checklist Tool to suit your implementation goals and requirements.
    • Assign task owners and target dates in the Checklist Tool.

    Note: This is a preliminary schedule. Monitor progress as well as requirement changes, and adjust the scope or schedule as needed.

    Update the columns in the Checklist Tool to plan and keep track of your implementation project.

    1.3.2 Identify target dates for vendor involvement

    Plan when you'll be ready for the vendor and identify the key points for when the vendor will come in.

    Are dates already scheduled for tool installation/configuration/customization?

    If yes:

    • Clarify vendor expectations for those target dates (i.e. what do you have to have prepared in advance?).
    • Determine options to adjust dates if needed.

    If no:

    • Defer scheduling until you have reviewed and updated the Implementation Checklist. The checklist will help you determine your readiness for vendor involvement.

    Consider if the vendor will implement the ITSM tool in one go or if they will help setup the tool in stages. Keep in mind that ITSM implementation projects typically take anywhere from 9 weeks to 16 months and plan accordingly depending on the maturity of your processes and the modules and features you plan to implement.

    Use your internal target dates to estimate when you'll be ready for the vendor to set up the tool and implement the setting that you've defined.

    Phase 2

    Prepare to Implement Incident Management and Service Request Modules

    Phase 1Phase 2Phase 3

    Identify Stakeholders, Scope, and Preliminary Timeline

    Prepare to Implement Incident Management and Service Request Modules

    Create a Deployment Plan (Communication, Training, Rollout)

    This phase will walk you through the following steps:

    • Review your existing solution and challenges
    • Plan ticket management and workflow implementation
    • Plan data migration, knowledgebase setup, and integrations
    • Plan the module rollout

    Additional Info-Tech Research

    The Implementation Checklist Tool summarizes what you need to prepare for the implementation. If you need more assistance with developing the underlying ITSM processes, use the tools, templates, and guidance in these blueprints.

    Standardize the Service Desk

    Build core elements of service desk operations, including incident management and service request workflows, ticket categorization schemes, and ticket prioritization rules.

    Optimize the Service Desk With a Shift-Left Strategy

    Implement tools such as an improved knowledgebase and self-service portal to enable lower tier support staff and end users to resolve incidents or fulfill service requests.

    Incident and Problem Management

    Develop a critical incident management workflow and create standard operating procedures for problem management.

    Step 2.1

    Review your existing solution and challenges

    Activities

    2.1.1

    Configure, don’t customize, your solution to minimize risk

    2.1.2

    Review your existing process and solution challenges for opportunities for improvement

    This step involves the following participants:

    1. Service Manager and Service Desk Team
    2. Project Manager and Core Project Team
    3. Subject Matter Experts and Tool Administrator, if applicable

    2.1.1 Configure your tool, don’t customize it

    Your tool may require at least some basic configurations to align with your processes, but in most cases customization of the tool is not recommended.

    Configuration

    Customization

    • Creating settings and recording reference data in the tool within the normal functionality of the tool.
    • Does not require changes to source code.

    Documentation of configurations is key.

    Failure to document configurations and the reasons for specific configurations will lead to:

    • Difficulty diagnosing incidents and problems.
    • Difficulty reconstructing the tool in the case of disaster recovery.
    • One administrator having all of the knowledge of configurations and taking it with them if they leave the organization.
    • Configurations that become useless in the future are maintained and lead to unnecessary work if documentation is not regularly reviewed.
    • Extending the functionality of the tool beyond what it was originally intended to do.
    • Requires manual changes to source code.

    Carefully consider whether a customization is necessary.

    • Over-customization of your ITSM tool code may lock you into your current version of the software by preventing future patches and upgrades, leaving you with outdated software.
    • Over-customization becomes particularly risky when your ITSM solution is integrated with other tools, as a loss in functionality of your ITSM tool resulting from over-customization may cause disruptions across the business.
    • If your selected ITSM solution doesn’t do something you think you need it to do, carefully evaluate whether you really need that customization and if the trade-off of potentially limiting future innovation is worth it.

    Case Study

    Consider the consequences of over-customizing your solution.

    INDUSTRY: Education

    SOURCE: IT Director

    Situation

    Challenge

    Resolution

    A few years ago, the service management office at the university decided to switch ITSM tools, from Computer Associates to ServiceNow.

    They wanted the new tool to behave similarly to what they had previously, so they made a lot of customized code changes to ServiceNow during implementation.

    As a result of the customizations, much of the functionality of the tool was restricted, and the upgrades were not compatible with the solution.

    The external consultants who performed the customizations and backend work did not document their changes, leaving the service management team without an understanding of why they did what they did.

    The service management team is working with ServiceNow to slowly unravel the custom code to try to get the solution back to having out-of-the-box functionality, with the ability to be upgraded.

    It has been challenging to do this work without disrupting the functionality of the tool.

    Over-customization led to the organization paying for features they couldn’t use and spending more time and resources down the road to try to reverse the changes.

    2.1.2 Review your existing process to identify opportunities for improvement

    Documenting your existing processes is an effective method for also reviewing those processes and identifying inefficiencies. Take advantage of this project to fix your process issues.

    1. Document your existing workflows for incident management and service requests.
    2. Review your workflows to identify opportunities to optimize through process refinement (e.g. clarifying escalation guidelines) or by leveraging features in your new ITSM tool (e.g. improved workflow automation).
    3. Similarly, review the challenges identified through stakeholder interviews: is there an opportunity address those challenges through process changes or leveraging your new ITSM tool?
    4. Address those challenge and issues as you execute the tasks outlined in the Implementation Checklist Tool. For example, if inconsistent ticket routing was identified as a challenge due to a vague categorization scheme, that’s a driver to review and update your scheme rather than just carry forward your existing scheme.

    Regardless of your existing ITSM maturity, this is an opportunity to review and optimize existing processes. Even the most-mature organizations can typically find an area to improve.

    Case Study

    Reviewing and defining processes before the implementation can be a project in itself.

    INDUSTRY: Defense

    SOURCE: Anonymous

    Situation

    Challenge

    Resolution

    The organization was switching to a new ITSM tool. To prepare for the implementation, they gathered stakeholders, held steering committee meetings, and broke down key processes, teams, and owners before even meeting with the larger group.

    They used a software tool called InDesign to visibly map service requests and incidents and determine who owned each process and where the handoffs were.

    The service catalog also needed to be built out as they were performing certain services that didn’t relate to anything in the catalog.

    The goal for the implementation was to have it completed within a year, but it ended up going over, taking 15 to 16 months to complete.

    Most of the time was spent identifying processes upfront before configuring the tool. There were difficulties defining processes as well as agreeing on who owned a process or service.

    There were also difficulties agreeing upon who the valid stakeholders were for processes, as groups were siloed.

    The major obstacles to implementation were therefore people and process, not the product.

    New processes were introduced, and boundaries were placed around processes that were being done in the past that weren’t necessary.

    Once the groups were able to agree upon process owners, the tool configuration and implementation itself did not pose any major difficulties.

    After the implementation, the tool was continually improved and sharpened to adapt to processes.

    Step 2.2

    Plan ticket management and workflow implementation

    Activities

    2.2.1

    Define ticket classification values

    2.2.2

    Define ticket templates for common incident types and service requests

    2.2.3

    Plan your ticket intake channels

    2.2.4

    Design a self-service portal

    2.2.5

    Plan your knowledgebase implementation in the new tool

    2.2.6

    Design your ticket status notification processes and templates

    2.2.7

    Identify required user accounts, access levels, and skills/ service groups

    2.2.8

    Review and update your workflows and escalation rules

    2.2.9

    Identify desired reporting and relevant metrics to track

    This step involves the following participants:

    1. Service Manager and Service Desk Team
    2. Project Manager and Core Project Team
    3. Subject Matter Experts and Tool Administrator, if applicable

    Outcomes of this step

    Tool is designed and configured to support service desk processes and organization needs.

    Checklist overview

    The ITSM Tool Implementation Checklist will help you estimate resources required to support demand, based on your ticket volume.

    TAB 2

    TAB 3

    TAB 4

    Incident and Service Modules Checklist

    Change Management Modules

    Asset Management Modules

    The image contains a screenshot of the ITSM Tool Implementation Checklist, tab 2. The image contains a screenshot of the ITSM Tool Implementation Checklist, tab 3. The image contains a screenshot of the ITSM Tool Implementation Checklist, tab 4.

    How to follow this section:

    The following slides contain a table that explains why each task in the module matters and what needs to be considered. Complete the checklist modules referring to this section.

    2.2.1 Define ticket classification values

    Ticket classification improves reporting, workflow automation, and problem identification.

    Review your existing ticket classification values to identify what to carry forward, drop, or change. For example, if your categorization scheme has become too complex, this is your opportunity to fix it; don’t perpetuate ineffective classification in the new tool.

    Task

    Why this matters

    Ticket Types (e.g. incident, service request, change)

    In particular, separating incidents from service requests supports appropriate ticket prioritization and resourcing; for example, an incident typically should be prioritized, and service requests can be scheduled.

    Categories (e.g. network, servers)

    An effective categorization scheme can help identify ticket assignment and escalation (e.g. network tickets would be escalated to the network team), and potentially automate ticket routing.

    Resolution Codes

    Indicates how the ticket was resolved (e.g. configuration change). Supports another layer of trends reporting and data to support problem identification.

    Status Values

    Shows what status the ticket is currently in (e.g. if the ticket has been opened or assigned to an agent, if it is in progress or has been resolved).

    2.2.2 Define ticket templates for common incident types and service requests

    Ticket templates are the backbone of automation. A common complaint is that tickets take too much time. However, a little planning can reduce the time it takes to create a ticket to less than a minute.

    Task

    Why this matters

    Identify common recurring tickets that would be good candidates for using ticket templates (e.g. common service requests and incidents).

    Some common recurring tickets such as password reset, new laptop, and login requests would be great candidates to create ticket templates for. Building a deck of standard rules to follow for common tickets saves time and reduces the number of tickets generated.

    Design ticket templates and workflows for common tickets (e.g. fields to auto-populate as well as routing and secondary tickets for onboarding requests).

    Differentiating between recurring ticket types and building pre-defined templates not just saves time but can also have major impact on how service is delivered as this will also help separate tickets. Creating these templates beforehand will also let you communicate effectively with the users at a time when all hands need to be on deck.

    2.2.3 Plan your ticket intake channels

    Consider possible ticket intake channels and evaluate their relevance to your organization.

    Task

    Why this matters

    Decide on ticket intake channels (e.g. phone, email, portal, walk-ups).

    Each standard intake channel serves its own purposes and can be extremely valuable under different circumstances. For example, walk-ins may be inefficient but necessary for critical incidents.

    If using email, identify/create the email account and appropriate permissions.

    Email works well if it automatically creates a ticket in your ticketing system, but users often don’t provide enough information in unstructured emails. Use required fields and ticket templates to ensure the ticket is properly categorized.

    If using phone, identify/create the phone number and appropriate integrations.

    Maintain the phone for users from other locations and for critical incidents but encourage users who call in to submit a ticket through the portal.

    If using a portal, determine if you will leverage the tool's portal or an existing portal.

    The web portal is the most efficient intake method, but ensure it is user friendly before promoting it.

    If using chat, determine whether you will use the tool's chat or an existing chat mechanism and whether integrations are needed.

    Another way to improve support experience for your customers is through live chat. This gives your customers an easy way to reach you at the exact moment they have questions or issues they can't fix.

    2.2.4 Design a self-service portal

    Map your processes to the tool by defining your ticket input, categories, escalations, and workflows.

    Don’t forget about the client-facing side of the solution. It is important to build a self-serve portal that has an easy-to-use interface where the user can easily find the category for the help they’re looking for. It is also necessary to educate the users on where to find the portal or how to access it.

    Task

    Why this matters

    Identify components to include (e.g. service request, incident, knowledgebase).

    Identify the categories you want the users to be able to access in the portal. Finding the right balance of components to include is very important to make it easy for your users to find all the relevant information they are looking for. This could mean fewer tickets.

    Plan the input form for service requests and incidents (e.g. mandatory fields, optional fields, drop-down lists).

    Having relevant and specific fields helps to narrow down your user’s issues and provides more information on how to allocate these tasks among the service desk resources and reduce time to further investigate the issues.

    If service catalog will be attached to the ITSM tool, define routing and workflows; if there is no existing service catalog, start a separate project to define it (e.g. services, SLAs).

    A centrally defined guide enables a uniform quality in service and clarifies the responsible tier for the ticket. Identify services that will be included in the catalog, and if the information is attached to the ITSM tool, plan for how will the routing and workflows be structured.

    Plan design requirements (e.g. company branding).

    Ensure that the portal is aligned with the company’s theme and access format. Work with the vendor to customize the branding on the tool, design requirements, images.

    2.2.5 Plan your knowledgebase (KB) implementation in the new tool

    Evaluate how onerous KB migration will be for you. Is this an opportunity to improve how the KB is organized?

    Task

    Why this matters

    Define knowledgebase categories and structure.

    Establishing knowledgebase structures or having them separated into categories makes it easy for your clients to find them (e.g. do they align with ticket categories?).

    Identify existing knowledgebase articles to add to the new tool.

    Review existing knowledgebase articles at a high level (e.g. Do you carry forward all existing articles? Take an opportunity to retire old articles?).

    Define knowledgebase article templates.

    Having standardized templates makes it an easy read and will increase its usage (e.g. all knowledgebase articles for recurring incidents will follow the same template).

    Build knowledgebase article creation, usage, and revision workflows.

    Decide how new knowledgebase articles will be built and added to the tool, how it will be accessed and used, and also any steps necessary to update the articles.

    Plan a knowledgebase feedback system.

    For example, include a comments section, like buttons, and who will get notified about feedback.

    2.2.6 Design your ticket status notification processes and templates

    Task

    Why this matters

    Identify triggers for status notifications. Balance the need for keeping users informed versus notifications being treated as spam.

    Identify when and where the users are informed to make sure you are not under or over communicating with them. Status notifications and alerts are a great way to set or reset expectations to your users on the delivery or resolution on their tickets. For example, auto-response for a new ticket, or status updates to users when the ticket is assigned, solved, and closed.

    If using email notifications, design email templates for each type of notification.

    Creating notification templates is a great way to provide standardized service to your clients and it saves time when a ticket is raised. For example, email templates for new ticket, ticket updated, or ticket closed.

    Plan how you will enable users to validate the ticket or resolve request without causing the ticket to reopen.

    For example, in the ticket solved template, provide a link to close the ticket, and ask the user to reply only if they wish to re-open the ticket (i.e. if it's not resolved). May require consulting with the ITSM tool vendor.

    Decide if customer satisfaction surveys will be sent to end users after their ticket has been closed.

    Discuss if this data would be useful to you if captured to improve/modify your service.

    If customer satisfaction surveys will be used, design the survey.

    Discuss what data would be useful to you if captured and create survey questionnaires to capture that data from your clients. For example, how many questions, types of questions, whether sent for every ticket or randomly.

    2.2.7 Identify required user accounts, access levels, and skills/service groups

    Task

    Why this matters

    Define Tier 1, 2, and 3 roles and their associated access levels.

    Having pre-established roles for different tiers and teams is a great way to boost accountability and also helps identify training requirements for each tier. For example, knowledgebase training for tier 1 & 2, reporting/analytics for IT manager.

    Identify skill groups or support teams.

    Establishing accountability for all the support practices in the service desk is important for the tickets to be effectively distributed among the functional individuals and teams. Identifying the responsibilities of groups help execute shift-left strategy.

    Identify required email permissions for each role.

    For example, define which roles get permissions to include status updates or other ticket information in their emails or to support automated notifications and other integrations with email.

    Determine how you will import users into the new tool.

    Identify the best way to migrate your users to the new tool whether it be by importing from Active Directory or the old ITSM tool, etc.

    2.2.8 Review and update your workflows and escalation rules

    Task

    Why this matters

    Document your future-state incident and service request workflows that will incorporate the above planning as well as improvements supported by the new tool.

    Document your workflows and review it to make sure it’s accurate and also to help you with communicating process expectations to all the stakeholders.

    Review the future-state workflows.

    This helps you validate that the planned changes meet your goals and identify any additional required changes.

    Update ticket classification values, templates, and ticket intake as needed based on the future-state workflows.

    Documenting your process might uncover additional requirements for classification, templates, etc. Ensure that the classification templates and related parameters align with the workflows.

    Identify opportunities to further automate workflows by leveraging the new tool.

    The process of reviewing the workflows often helps identify manual processes, labor intensive processes, very repetitive processes, etc. These can be opportunities to further automate your processes.

    2.2.9 Identify desired reporting and relevant metrics to track

    Documentation of key metrics of service desk performance and end-user satisfaction that you wish to improve through the new solution is key to evaluate the success of your implementation.

    Task

    Why this matters

    Define the metrics you will track in the new ITSM tool.

    It is critical to ensure that your tool will be able to track necessary metrics on KPIs from the start and that this data is accurate and reliable so that reporting will be relevant and meaningful to the business. Whether you use your own tool for tracking metrics or an external tool, ensure that you can get the internal data you need from the ITSM tool. This may include measures of Productivity (e.g. time to respond, time to resolve), Service (e.g. incident backlog, customer satisfaction), and Proactiveness (e.g. number of knowledgebase articles per week).

    Determine what reports you want to generate from data collected through the tool.

    It’s not enough to simply set up metrics, you have to actually use the information. Reports should be analyzed regularly and used to manage costs and productivity, improve services, and identify issues. Ensure that your service desk team contributes to the usefulness of reporting by following processes such as creating tickets for every incident and request, categorizing it properly, and closing it after it’s resolved with the proper resolution code.

    Identify the information and metrics to include in the ITSM tool's dashboards.

    A dashboard helps drive accountability across the team through greater visibility. Decide what will be reported on the dashboard. For example, average time to resolution, number of open tickets with subtotals for each priority, problem ticket aging.

    Step 2.3

    Plan data migration and integrations

    Activities

    2.3.1

    Create a data migration and archiving plan

    2.3.2

    Identify and plan required integrations

    This step involves the following participants:

    1. Service Manager and Service Desk Team
    2. Project Manager and Core Project Team
    3. Subject Matter Experts and Tool Administrator, if applicable

    Outcomes of this step

    • Decisions made around data migration, integrations, automation, and reporting.
    • ITSM Tool Implementation Checklist

    2.3.1 Create a data migration and archiving plan

    Task

    Why this matters

    Document your future-state incident and service request workflows that will incorporate the above planning as well as improvements supported by the new tool.

    Document your workflows and review them to make sure they’re accurate and also to help you with communicating process expectations to all the stakeholders.

    Review the future-state workflows.

    This helps you validate that the planned changes meet your goals and identify any additional required changes.

    Update ticket classification values, templates, and ticket intake as needed based on the future-state workflows.

    Documenting your process might uncover additional requirements for classification, templates, etc. Ensure that the classification templates and related parameters align with the workflows.

    Identify opportunities to further automate workflows leveraging the new tool.

    The process of reviewing the workflows often helps identify manual processes, labor-intensive processes, very repetitive processes, etc. These can be opportunities to further automate your processes.

    2.3.2 Identify and plan required integrations

    Consider and plan for any necessary integrations with other systems.

    A major component of the implementation that should be carefully considered throughout is if and how to integrate your ITSM tool with other applications in the environment.

    Task

    Why this matters

    Identify the systems you need to integrate with your ITSM tool (e.g. asset discovery tools, reporting systems).

    Regardless of whether your solution will be configured and installed on-premises or as a SaaS, you need to consider the underlying technology to determine how you will integrate it with other tools where necessary.

    Businesses may need to integrate their ITSM tool with other systems including asset management, network monitoring, and reporting systems to make the organization more efficient.

    Determine how data will flow between systems.

    Carefully evaluate the purpose of each integration. Clients often want their ITSM tool to be integrated with all of the available data in another application when they only need a subset of that data to be integrated.

    Consider not only which systems you need to integrate with your ITSM tool but also who the owners of those systems are and which way the data needs to flow.

    Plan the development, configuration, and testing of integrations.

    As with other aspects of the implementation, configure and test the integrations before going live with the tool.

    Step 2.4

    Plan the module rollout

    Activities

    2.4.1

    Repeat the methodology for additional ITSM modules, using the Checklists as a guide

    2.4.2

    Leverage these blueprints to help you implement change and asset management modules

    This step involves the following participants:

    1. Service Manager and Service Desk Team
    2. Project Manager and Core Project Team
    3. Subject Matter Experts and Tool Administrator, if applicable

    Outcomes of this step

    Identify and plan for additional modules and features to be implemented

    2.4.1 Repeat the methodology for additional ITSM modules, using the Checklists as a guide

    The preparation completed in Phase 1 and 2 to this point provide a foundation for additional ITSM modules.

    This blueprint starts with the incident management and service request modules as those are typically implemented first since they are the most impactful to day-to-day IT service management.

    In addition, the methodology outlined in Phase 1 and 2 to this point provides a model to follow for additional ITSM modules:

    • If you did not already account for additional modules in Phase 1, then repeat the steps in Phase 1 to define scope, stakeholders, and timeline.
    • The Implementation Checklist Tool provides tabs for Change Management and Asset Management to outline the specific details for those topic areas, but they follow the same high-level steps as Phase 2 (e.g. review existing processes, design relevant workflows).
    • If you are planning to implement other modules (e.g. Problem Management), create additional tabs in the Implementation Checklist Tool as needed, using the existing tabs as a base.
    The image contains screenshots of the ITSM checklists.

    2.4.2 Leverage these blueprints to help you implement change and asset management modules

    The Implementation Checklist Tool summarizes what you need to prepare for the implementation. If you need more assistance with developing the underlying ITSM processes, use the tools, templates, and guidance in the blueprints below.

    Optimize IT Change Management

    Define change management workflows, key roles, and supporting elements such as request-for-change forms based on best practices.

    Implement Hardware Asset Management

    Create an SOP and associated process workflows to streamline and standardize hardware asset management.

    Implement Software Asset Management

    Build on a strong hardware asset management program to also properly track and manage software assets. This includes managing software licensing, finding opportunities to reduce costs, and improving your software audit readiness.

    Phase 3

    Create a Deployment Plan (Communication, Training, Rollout)

    Phase 1Phase 2Phase 3

    Identify Stakeholders, Scope, and Preliminary Timeline

    Prepare to Implement Incident Management and Service Request Modules

    Create a Deployment Plan (Communication, Training, Rollout)

    This phase will walk you through the following steps:

    1. Create a communication plan (for IT, users, and business leaders)
    2. Create a training plan
    3. Plan how you will deploy, monitor, and maintain the solution

    ITSM Tool Training Schedule

    ITSM Tool Deployment Plan Template

    Use the template to document and plan the communications and training needs prior to deployment of the new tool.

    The image contains a screenshot of the ITSM Tool Training Schedule.

    Use the deployment plan template to document the strategy and decisions made for making the transition to the new ITSM tool.

    The image contains a screenshot of the ITSM Tool Deployment Plan Template.

    Download the ITSM Tool Training Schedule

    Download the ITSM Tool Deployment Plan Template

    Step 3.1

    Create a communication plan (for IT, users, and business leaders)

    Activities

    3.1.1

    Ensure there is strong communication from management throughout the implementation and deployment

    3.1.2

    Base your communications timeline on a classic change curve to accommodate natural resistance

    3.1.3

    Communicate new processes with business leaders and end users to improve positive customer feedback

    This step involves the following participants:

    1. CIO/IT Director
    2. IT Manager
    3. Service Manager

    Outcomes of this step

    Plan for communicating the change with business executives, service desk agents, and end users.

    3.1.1 Ensure there is strong communication from management throughout the implementation and deployment

    A common contributing factor for unsuccessful implementation is a lack of communication around training, transitioning, and deploying the new tool.

    Common Pitfall:

    Organizational communication and change management should have been ongoing and tightly monitored throughout the project. However, cut-over is a time in which critical communication regarding deployment and proper user training can be derailed when last-minute preparations take priority. Not only will general user frustration increase, but unintended process workarounds will emerge, eroding system effectiveness.

    Mitigating Actions:

    Deliver training for end users that will be engaged in testing. For all other users, deliver training prior to go-live to avoid the risk of training too early (where materials may not be ready or users are likely to forget what was learned). If possible, host quick refresher training a week or two prior to go-live.

    Aim to communicate the upcoming go-live. The purpose of communication here is to reiterate expectations, complexities, and ramifications on business going forward. Alleviate performance anxiety by clearly stating that temporary drops in productivity are to be expected and that there will be appropriate assistance throughout the transition period.

    Transition: Have the project/program manager remain on the project team for some time after deployment to oversee and assure smooth transition for the organization.

    Complete training: Have a clear plan for training those users that were missed in the first round of training as well as a plan for ongoing training for those that require refresher training, for new joiners to your organization, and for any training requirements that result from subsequent upgrades.

    3.1.2 Base your communications timeline on a classic change curve

    It’s important to communicate the change ahead of the implementation, but also to reinforce that communication after implementation to recover from any resistance that occurs through the implementation itself.

    Stages in a typical change curve:

    1. Change is announced. Some people are skeptical and resistant, but others are enthusiastic. Most people are fence sitters; if they trust senior leadership, they will give the benefit of the doubt and expect change to be good.
    2. Positive sentiment declines as implementation approaches. Training and other disruptions take people’s time and energy away from their work. Project setbacks and delays take credibility away from project leaders and seem to validate the efforts of saboteurs and skeptics.
    3. Overall sentiment begins to improve as people adjust and see real progress made. Ideally, early successes or quick wins neutralize saboteurs and convert skeptics. At the very least, people will begin to accept and adapt to new realities.
    4. If the project is successful and communication is reinforced after implementation, sentiment will peak and level out over time as people move on to other projects.

    The image contains a diagram of a change curve.

    1. Honeymoon of “Uninformed Optimism”: Tentative support and enthusiasm for change before people have really felt or understood what it involves.
    2. Backlash of “Informed Pessimism” (leading to “Valley of Despair”): People realize they’ve overestimated the benefits (or how soon they’ll be achieved) and underestimated the difficulty of change.
    3. Valley of Despair and beginning of “Hopeful Realism”: Sentiment bottoms out and people begin to accept the difficulty (or inevitability) of change.
    4. Bounce of “Informed Optimism”: More optimism and support when people begin to see bright spots and early successes.
    5. Contentment of “Completion”: Change has been successfully adopted and benefits are being realized.

    3.1.3 Communicate new processes

    1. Communicate with business unit leaders and users:
    • Focus on the benefits for end users to encourage buy-in for the change.
    • Include preliminary instructions with a date for training sessions.
  • Train users:
    • Teach users how to contact the service desk and submit a ticket.
    • Set expectations for IT’s response.
    • Record all your training sessions so it can used for recursive training.
  • Enforce:
    • IT must point users toward the new process, but ad hoc requests should still be expected at first. Deal with these politely but encourage all employees to use the new service desk ticketing process, if applicable.
  • Measure success:
    • Continue to adjust communications if processes aren’t being followed to ensure SLAs can be met and improved.

    “Communicate with your end users in phase 1 to let them know what will be changing, get feedback and buy-in, and inform them that training will be happening, then ensure you train them once the tool is installed. A lot of times we’ll get our tool set up but people don’t know how to use it."

    – Director of ITSM Tools

    Info-Tech Insight

    If there is a new process for ticket input, consider using a reward system for users who submit a ticket through the proper channel ;(e.g. email or self-serve portal) instead of their old method (e.g. phone). However, if a significant cultural change is required, don’t expect it to happen right away.

    Step 3.2

    Create a training plan

    Activities

    3.2.1

    Target training session(s) to the specific needs of your service desk, service groups, IT managers

    3.3.1

    Provide training (tool/portal and process changes)

    3.4.1

    Choose an appropriate training delivery method that will focus on both process and tool

    This step involves the following participants:

    • IT Director
    • Project Manager
    • Service Desk Manager

    Outcomes of this step

    • Training modules for different users of the tool.
    • Assignment of training modules to users and schedule for completion.

    3.2.1 Target training session(s) to the specific needs of your service desk and IT staff

    Create targeted role-based training programs for your service desk analysts; they care about the portion of the solution they are responsible for, not the functionality that is irrelevant to their job.

    Create and execute a role-based training program by conducting training sessions for targeted groups of users, training them on the functions they require to perform their jobs.

    Use a table like this one to help identify which roles should be trained on which tasks within the ITSM tool.

    The image contains a table as an example of identifying which roles should be trained within the ITSM tool.

    The need for targeted training:

    • IT personnel may challenge the need for training. They may feel they don’t require training on the use of tools or that they don’t have time to dedicate to training when there is so much work to be done.
    • Providing targeted training focused on only the functions of the solution that each tier is responsible for can help to overcome that resistance.
    • Targeted training may include basic training for level 1 technicians and more advanced in-depth training for administrators, power users, or level 2/3 technicians.

    Info-Tech Insight:

    Properly trained users promote adoption and improve results. Always keep training materials updated and available. New employees, new software integration, and internal promotions create opportunities for training employees to align the ITSM tool with their roles and responsibilities.

    3.2.2 Provide training

    Training must take place before deployment to ensure that both your service desk agents and end users will use the tool in the way it was intended and improve end-user satisfaction.

    • Implementing a new ITSM tool will likely bring with it at least some degree of organizational and cultural change. It’s important to manage that change through proper training. Your training needs will vary depending on the maturity of the organization and the amount of cultural and process change being implemented.
    • If this is your first ITSM solution with many new changes for staff to take on board, it will be important to dedicate training time not only before deployment but also several months after the initial installation, to allow staff to gain more experience with the new tool and processes and formulate questions they may not think to ask during implementation.
    • A training plan should take into account not only training needs for the implementation project but also any ongoing training requirements that may be required. This may include:
      • Training for new personnel.
      • Training on any changes to the tool.
      • Training on any new processes the tool will support.
    • Better agent training will lead to better performance and improved end-user satisfaction.

    The image contains a screenshot of a graph to demonstrate training hours and first contact resolution.

    The blue graph line charts new-agent training hours against first contact resolution and the orange graph line charts the trendline for the dataset.

    Source: MetricNet, 2012

    3.2.3 Choose an appropriate training delivery method

    Training should include use cases that focus on not only how the tool’s interface works but also how the tool should be used to support process activities.

    1. Training through use cases highlights how the tool will support the user in role-based tasks.
    2. If new processes are being introduced along with the tool, training should cover both in an integrated way.
    3. Team leadership and management commitment ensures that all agents take their training seriously and are prepared for all use cases by the deployment date.

    Trainer-led sessions:

    Self-taught sessions:

    • May take the form of onsite or video training.
    • Vendor may train administrators or managers, who will later train remaining staff.
    • Allows for interaction with the trainer and greater opportunity to ask questions.
    • Difficult for large organizations with many users to be trained.
    • Delivered via computer-based training applications, typically through a web browser.
    • May include voice training sessions combined with exercises and quizzes.
    • More feasible for large, distributed organizations with less flexible schedules.

    Info-Tech Insight:

    Ensure that the training demonstrates not only how the tool should be used, but also the benefits it will provide your staff in terms of improved efficiency and productivity. Users who can clearly see the benefits the tool will provide for their daily work will accept the tool more readily and promote it across the organization.

    Step 3.3

    Plan how you will deploy, monitor, and maintain the solution

    Activities

    3.3.1

    Plan the transition from your old tool to ensure continual functionality

    3.3.2

    Choose a cut-over approach that works for you

    3.3.3

    Deploy the solution and any new processes simultaneously to ease the transition

    3.3.4

    Have a post-deployment support plan in place

    3.3.5

    Monitor success metrics defined in Phase 1

    This step involves the following participants:

    • IT Director
    • Project Manager
    • Service Desk Manager

    Outcomes of this step

    Deployment plan, including a plan for cut-over from the old tool (if applicable), release of the new tool, and post-deployment support and maintenance of the tool.

    3.3.1 Plan the transition from your old tool to ensure continual functionality

    If you will have a transitional period during which the current tool will be used alongside the new tool, develop a clear plan for the transition to ensure continued service for your end users.

    • If there will be an interim period during which only some aspects of the new ITSM tool are functional, you will need to determine how the new system and old systems will work together for that period of time. This may require creating interfaces as well as providing user documentation and/or SOPs on how the business processes will operate during the interim period.
    • Cut-over is the period during which the changeover to the new system occurs. Cut-over activities need to be tightly choreographed for a successful deployment. If improperly planned, chaos may erupt when unforeseen issues are encountered during deployment, the deployment may be jeopardized, and the organization may encounter costly interruptions to its daily operations.
    • Many organizations may leave any open tickets in the old tool until they are closed, which requires that tool run alongside the new tool for a transitional period. In this case, it is necessary to create guidelines around how long the open tickets will remain in the old system and ensure there is clear communication around these processes.

    Be prepared for the transition:

    1. Create a robust cut-over plan that includes when the old tool will be decommissioned, what activities are necessary during the cut-over, and what the contingency plan is in case of unforeseen issues.
    2. Plan for and perform mock cut-overs to establish the timeline and dependencies for all steps that need to be performed to successfully complete the changeover. Do this to avoid any surprises or delays during the true cut-over period.
    3. Establish cut-over logistics: Create a schedule for resources to work in shifts to avoid burn-out during cut-over, which can lead to lapses in judgment and easily avoidable mistakes. Allocate dedicated workspaces for cut-over activities, e.g. “war rooms” for the triage of issues.

    3.3.2 Choose a cut-over approach that works for you

    Approaches and insights from three case studies

    Case Study #1

    Case Study #2

    Case Study #3

    On day one we started recording all new incidents in the new tool, and everything that was open in the old tool remained open for about one month. At that point we transferred over some open incidents but closed old incidents with the view that if anyone really wanted something done that hadn’t been yet, they could re-submit a ticket.

    – Brett Andrews,

    Managing Director at BAPTISM Consultancy

    It made sense for us to start fresh with the new system. We left all of the old tickets in the old system and started the new system with ticket #1. We only had about a dozen open tickets in the old system so we left them there and ran the two tools side by side until those were closed.

    – CIO, Publishing

    It depends on the client and the size of their service desk as well as the complexity of their data and whether they need their old data for reporting. If there are only a dozen open tickets, they can manually move those over easily, and decide whether they want to migrate their historical data for reporting purposes.

    – Scott Walling,

    Co-Founder at Monitor 24-7 Inc.

    3.3.3 Deploy the solution and any new processes simultaneously to ease the transition

    Follow a deployment plan for introducing new processes alongside the new tool to ensure changes to both process and technology are adopted simultaneously.

    If you’re introducing new processes alongside the new tool, it’s important to maintain the link between process and tool. Typically, the processes and tool should be deployed simultaneously unless there is a strong reason not to do so.

    Deployment can be done as a big-bang or phased approach. The decision to employ a phased deployment depends on the number and size of business units the tool will support, as well as the organization’s geography and infrastructure (deployment locations).

    Before deployment, conduct readiness assessments to understand whether:

    The people are ready to accept the new system (have received the proper training and communications and understand how their jobs will change when the switch is flipped).

    The technology is ready (test results are favorable, workarounds and a plan for closure have been identified for any open defects, and the system is performing as expected).

    The data is ready (data for final conversion has been cleansed, and all conversions have been rehearsed).

    The post-deployment support model is ready (infrastructure and technical support is in place, sites are ready, knowledge transfer has been conducted with the support organization, and end users understand procedures for escalation of issues).

    3.3.4 Have a post-deployment support plan in place

    Ensure that strong internal support for the project and tool will continue after deployment.

    The stabilization period after a new software deployment can last between three and nine months, during which there may be continued training needs and fine-tuning of processes. Internal support from project leaders within your organization will be critical to recover from any dip in operational efficiency and deliver the benefits of the tool.

    Consider the following to prepare better for your support plan:

    What are the roles and responsibilities for ongoing tool administration support?

    What level of support will exist to assist service desk staff after deployment?

    How much time will project team resources devote to tackling upcoming issues and assisting with ongoing support?

    Who will be responsible for ongoing training needs and documentation?

    If your organization is spread across multiple locations, what level of support/assistance will be available at each site?

    How will new code releases or system upgrades be managed and communicated?

    Info-Tech Insight:

    Deployment is only the first step in the system lifecycle. Full benefit realization from the tool requires ongoing investment and learning to be sustained. Unless processes and training are updated on an ongoing basis, benefits gained will start to decrease over time. If your service desk efficiency stagnates at the level it was at prior to implementation, the tool has failed to serve its objective.

    Establish ongoing tool maintenance, improvement structures, and processes

    People, processes, and organizations change over time, and your ITSM tool will need to change to meet expectations.

    Develop and execute a plan for the maintenance of the solution and its infrastructure components.

    Include periodic reviews against business needs and operational requirements (e.g. patches, upgrades, and risk and security requirements).

    For maintenance updates, use the change management process and assess how an activity will impact solution design, functionality, and business processes.

    For major changes that result in significant change in current designs, functionality, and/or business processes, follow the development process used for new systems.

    Ensure that maintenance activities are periodically analyzed for abnormal trends indicating underlying quality or performance problems, cost/benefit of major upgrade, or replacement in lieu of maintenance.

    Assign responsibility for ongoing maintenance. Hold regular meetings for the following activities:

    1. Inspect data and reports.
    2. Assess whether you’re meeting SLAs.
    3. Predict any upcoming changes that may impact ticket volume (e.g. a new operating system or security patch).
    4. Create new ticket templates for recurring or upcoming issues.
    5. Create new knowledgebase articles.
    6. Determine whether ticket categories are being used correctly.
    7. Ask team if there are any problems with the tool.

    3.3.5 Monitor success metrics defined in Project Charter

    Revisit your goals for the solution and assess if they are being met by evaluating current metrics. If your goals have not yet been met, re-evaluate how to ensure the tool will deliver value.

    Sample High-Level Goals:

    1. Improved service desk efficiency
    2. Improved end-user satisfaction
    3. Improved self-service options for end users
    4. Improved data and reporting capabilities

    Sample Metric Descriptions

    Baseline Metric

    Goal

    Current Metric

    Increased ticket input through email versus phone

    50% of tickets submitted through phone

    10% of tickets submit through phone

    Reduced ticket volume (through improved self-serve capabilities)

    1,500 tickets per month

    1,200 tickets per month

    Improved first call resolution (through increased efficiency and automation)

    50% FCR

    60% FCR

    Improved ability to meet SLAs (through automated escalations and prioritization)

    5 minutes to log a ticket

    1 minute to log a ticket

    Improved time to produce reports

    3 business days

    1 business day

    Improved end-user satisfaction

    60% satisfied with services

    75% satisfied

    Related Info-Tech Research

    Optimize IT Change Management

    Define change management workflows, key roles, and supporting elements such as request-for-change forms based on best practices.

    Standardize the Service Desk

    Build core elements of service desk operations, including incident management and service request workflows, ticket categorization schemes, and ticket prioritization rules.

    Optimize the Service Desk With a Shift-Left Strategy

    Implement tools such as an improved knowledgebase and self-service portal to enable lower tier support staff and end users to resolve incidents or fulfill service requests.

    Incident and Problem Management

    Develop a critical incident management workflow and create standard operating procedures for problem management.

    IT Service Management Selection Guide

    Identify the best-of-breed solution to make the most of your investment and engage the right stakeholders to define success.

    Analyze Your Service Desk Ticket Data

    Develop a framework to track metrics, clean data, and put your data to use for pre-defined timelines.

    Bibliography

    Adiga, Siddanth. “10 Reasons Why ITSM Implementations Fail.” Could Strategy, 6 May 2015. Web.

    Hastie, Shane, and Stéphane Wojewoda. “Standish Group 2015 Chaos Report.” InfoQ, 4 October 2015. Web.

    “How to Manage Change in the Implementation of an ITSM Software.” C2, 20 April 2015. Web.

    Lockwood, Meghan. “First Look: Annual ServiceNow Insight and Vision Executive Summary [eBook].” Acorio, 31 October 2019. Web.

    Mainville, David. “7 Steps to a Successful ITSM Tool Implementation.” Navvia, 2012. Web.

    Rae, Barclay. “Preparing for ITSM Tool Implementation.” Joe the IT Guy, 24 June 2015. Web.

    Rae, Barclay. “Successful ITSM Tool Implementation.” BrightTALK, 9 May 2013. Webcast.

    Rumburg, Jeffrey. “Metric of the Month: Agent Training Hours.” MetricNet, 2012. Web.

    Capture and Market the ROI of Your VMO

    • Buy Link or Shortcode: {j2store}212|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $108,234 Average $ Saved
    • member rating average days saved: 9 Average Days Saved
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management
    • All IT organizations are dependent on their vendors for technology products, services, and solutions to support critical business functions.
    • Measuring the impact of and establishing goals for the vendor management office (VMO) to maximize its effectiveness requires an objective and quantitative approach whenever possible.
    • Sharing the VMO’s impact internally is a balancing act between demonstrating value and self-promotion.

    Our Advice

    Critical Insight

    • The return on investment (ROI) calculation for your VMO must be customized. The ROI components selected must match your VMO ROI maturity, resources, and roadmap. There is no one-size-fits-all approach to calculating VMO ROI.
    • ROI contributions come from many areas and sources. To maximize the VMO’s ROI, look outside the traditional framework of savings and cost avoidance to vendor-facing interactions and the impact the VMO has on internal departments.

    Impact and Result

    • Quantifying the contributions of the VMO takes the guess work out of whether the VMO is performing adequately.
    • Taking a comprehensive approach to measuring the value created by the VMO and the ROI associated with it will help the organization appreciate the importance of the VMO.
    • Establishing goals for the VMO with the help of the executives and key stakeholders ensures that the VMO is supporting the needs of the entire organization.

    Capture and Market the ROI of Your VMO Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should calculate and market internally your VMO’s ROI, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Get organized

    Begin the process by identifying your VMO’s ROI maturity level and which calculation components are most appropriate for your situation.

    • Capture and Market the ROI of the VMO – Phase 1: Get Organized
    • VMO ROI Maturity Assessment Tool
    • VMO ROI Calculator and Tracker
    • VMO ROI Data Source Inventory and Evaluation Tool
    • VMO ROI Summary Template

    2. Establish baseline

    Set measurement baselines and goals for the next measurement cycle.

    • Capture and Market the ROI of the VMO – Phase 2: Establish Baseline
    • VMO ROI Baseline and Goals Tool

    3. Measure and monitor results

    Measure the VMO's ROI and value created by the VMO’s efforts and the overall internal satisfaction with the VMO.

    • Capture and Market the ROI of the VMO – Phase 3: Measure and Monitor Results
    • RFP Cost Estimator
    • Improvements in Working Capital Estimator
    • Risk Estimator
    • General Process Cost Estimator and Delta Estimator
    • VMO Internal Client Satisfaction Survey
    • Vendor Security Questionnaire
    • Value Creation Worksheet
    • Deal Summary Report Template

    4. Report results

    Report the results to key stakeholders and executives in a way that demonstrates the value added by the VMO to the entire organization.

    • Capture and Market the ROI of the VMO – Phase 4: Report Results
    • Internal Business Review Agenda Template
    • IT Spend Analytics
    • VMO ROI Reporting Worksheet
    • VMO ROI Stakeholder Report Template
    [infographic]

    Workshop: Capture and Market the ROI of Your VMO

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Get Organized

    The Purpose

    Determine how you will measure the VMO’s ROI.

    Key Benefits Achieved

    Focus your measurement on the appropriate activities.

    Activities

    1.1 Determine your VMO’s maturity level and identify applicable ROI measurement categories.

    1.2 Review and select the appropriate ROI formula components for each applicable measurement category.

    1.3 Compile a list of potential data sources, evaluate the viability of each data source selected, and assign data collection and analysis responsibilities.

    1.4 Communicate progress and proposed ROI formula components to executives and key stakeholders for feedback and/or approval/alignment.

    Outputs

    VMO ROI maturity level and first step of customizing the ROI formula components.

    Second and final step of customizing the ROI formula components…what will actually be measured.

    Viable data sources and assignments for team members.

    A progress report for key stakeholders and executives.

    2 Establish Baseline

    The Purpose

    Set baselines to measure created value against.

    Key Benefits Achieved

    ROI contributions cannot be objectively measured without baselines.

    Activities

    2.1 Gather baseline data.

    2.2 Calculate/set baselines.

    2.3 Set SMART goals.

    2.4 Communicate progress and proposed ROI formula components to executives and key stakeholders for feedback and/or approval/alignment.

    Outputs

    Data to use for calculating baselines.

    Baselines for measuring ROI contributions.

    Value creation goals for the next measurement cycle.

    An updated progress report for key stakeholders and executives.

    3 Measure and Monitor Results

    The Purpose

    Calculate the VMO’s ROI.

    Key Benefits Achieved

    An understanding of whether the VMO is paying for itself.

    Activities

    3.1 Assemble the data and calculate the VMO’s ROI.

    3.2 Organize the data for the reporting step.

    Outputs

    The VMO’s ROI expressed in terms of how many times it pays for itself (e.g. 1X, 3X, 5X).

    Determine which supporting data will be reported.

    4 Report Results

    The Purpose

    Report results to stakeholders.

    Key Benefits Achieved

    Stakeholders understand the value of the VMO.

    Activities

    4.1 Create a reporting template.

    4.2 Determine reporting frequency.

    4.3 Decide how the reports will be distributed or presented.

    4.4 Send out a draft report and update based on feedback.

    Outputs

    A template for reporting ROI and supporting data.

    A decision about quarterly or annual reports.

    A decision regarding email, video, and in-person presentation of the ROI reports.

    Final ROI reports.

    Enterprise Application Selection and Implementation

    • Buy Link or Shortcode: {j2store}29|cart{/j2store}
    • Related Products: {j2store}29|crosssells{/j2store}
    • member rating overall impact (scale of 10): 9.0/10
    • member rating average dollars saved: $37,356
    • member rating average days saved: 34
    • Parent Category Name: Applications
    • Parent Category Link: /applications

    The challenge

    • Large scale implementations are prone to failure. This is probably also true in your company. Typically large endeavors like this overrun the budget, are late to deliver, or are abandoned altogether. It would be best if you manage your risks when starting such a new project.

    Our advice

    Insight

    • Large-scale software implementations continue to fail at very high rates. A recent report by McKinsey & Company estimates that 66% go over budget, 33% over time, and 17% delivered less value than expected. Most companies will survive a botched implementation, but 17% threatened the existence of the company involved.
    • With all the knowledge sharing that we have today with oodles of data at our disposal, we should expect IT-providers to have clear, standardized frameworks to handle these implementations. But projects that overrun by more than 200% still occur more often than you may think.
    • When you solicit a systems integrator (SI), you want to equip yourself to manage the SI and not be utterly dependent on their methodology.

    Impact and results 

    • You can assume proper accountability for the implementation and avoid over-reliance on the systems integrator.
    • Leverage the collective knowledge and advice of additional IT professionals
    • Review the pitfalls and lessons learned from failed integrations.
    • Manage risk at every stage.
    • Perform a self-assessment at various stages of the integration path.

    The roadmap

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    Executive Summary

    Determine the rations for your implementation

    See if a custom-of-the-shelf process optimization makes sense.

    • Storyboard: Govern and Manage an Enterprise Software Implementation (ppt)

    Prepare

    Determine the right (level of) governance for your implementation.

    • Large Software Implementation Maturity Assessment Tool (xls)
    • Project Success Measurement Tool (xls)
    • Risk Mitigation Plan Template (xls)

    Plan and analyze

    Prepare for the overall implementation journey and gather your requirements. Then conduct a stage-gate assessment of this phase.

    • Project Phases Entry and Exit Criteria Checklist Tool (xls)
    • Project Lessons Learned Document (doc)

    Design, build and deploy

    Conduct a stage-gate assessment after every step below.

    • Make exact designs of the software implementation and ensure that all stakeholders and the integrator completely understand.
    • Build the solution according to the requirements and designs.
    • Thoroughly test and evaluate that the implementation meets your business expectations. 
    • Then deploy

    Initiate your roadmap

    Review your dispositions to ensure they align with your goals. 

    • Build an Application Rationalization Framework – Phase 4: Initiate Your Roadmap (ppt)
    • Disposition Prioritization Tool (xls)

    Get the Best Discount Possible With a Data-Driven Negotiation Approach

    • Buy Link or Shortcode: {j2store}610|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Selection & Implementation
    • Parent Category Link: /selection-and-implementation
    • Vendors have well-honed negotiation strategies that don’t prioritize the customer’s best interest, and they will take advantage of your weaknesses to extract as much money as they can from the deal.
    • IT teams are often working with time pressure and limited resources or experience in negotiation. Even those with an experienced procurement team aren’t evenly matched with the vendor when it comes to the ins and outs of the product.
    • As a result, many have a poor negotiation experience and fail to get the discount they wanted, ultimately leading to dissatisfaction with the vendor.

    Our Advice

    Critical Insight

    • Requirements should always come first, but IT leaders are under pressure to get discounts and cost ends up playing a big role in decision making.
    • Cost is one of the top factors influencing satisfaction with software and the decision to leave a vendor.
    • The majority of software customers are receiving a discount. If you’re in the minority who are not, there are strategies you can and should be using to improve your negotiating skills. Discounts of up to 40% off list price are available to those who enter negotiations prepared.

    Impact and Result

    • SoftwareReviews data shows that there are multiple benefits to taking a concerted approach to negotiating a discount on your software.
    • The most common ways of getting a discount (e.g. volume purchasing) aren’t necessarily the best methods. Choose a strategy that is appropriate for your organization and vendor relationship and that focuses on maximizing the value of your investment for the long term. Optimizing usage or licenses as a discount strategy leads to the highest software satisfaction.
    • Using a vendor negotiation service or advisory group was one of the most successful strategies for receiving a discount. If your team doesn’t have the right negotiation expertise, Info-Tech can help.

    Get the Best Discount Possible With a Data-Driven Negotiation Approach Research & Tools

    Prepare to negotiate

    Leverage insights from SoftwareReviews data to best position yourself to receive a discount through your software negotiations.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Get the Best Discount Possible with a Data-Driven Negotiation Approach Storyboard
    [infographic]

    Integrate Threat Intelligence Into Your Security Operations

    • Buy Link or Shortcode: {j2store}320|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: 2 Average Days Saved
    • member rating average days saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • Parent Category Name: Threat Intelligence & Incident Response
    • Parent Category Link: /threat-intelligence-incident-response
    • Organizations have limited visibility into their threat landscape, and as such are vulnerable to the latest attacks, hindering business practices, workflow, revenue generation, and damaging their public image.
    • Organizations are developing ad hoc intelligence capabilities that result in operational inefficiencies, the misalignment of resources, and the misuse of their security technology investments.
    • It is difficult to communicate the value of a threat intelligence solution when trying to secure organizational buy-in and the appropriate resourcing.
    • There is a vast array of “intelligence” in varying formats, often resulting in information overload.

    Our Advice

    Critical Insight

    1. Information alone is not actionable. A successful threat intelligence program contextualizes threat data, aligns intelligence with business objectives, and then builds processes to satisfy those objectives.
    2. Your security controls are diminishing in value (if they haven’t already). As technology in the industry evolves, threat actors will inevitably adopt new tools, tactics, and procedures; a threat intelligence program can provide relevant situational awareness to stay on top of the rapidly-evolving threat landscape.
    3. Your organization might not be the final target, but it could be a primary path for attackers. If you exist as a third-party partner to another organization, your responsibility in your technology ecosystem extends beyond your own product/service offerings. Threat intelligence provides visibility into the latest threats, which can help you avoid becoming a backdoor in the next big data breach.

    Impact and Result

    • Assess the needs and intelligence requirements of key stakeholders.
    • Garner organizational buy-in from senior management.
    • Identify organizational intelligence gaps and structure your efforts accordingly.
    • Understand the different collection solutions to identify which best supports your needs.
    • Optimize the analysis process by leveraging automation and industry best practices.
    • Establish a comprehensive threat knowledge portal.
    • Define critical threat escalation protocol.
    • Produce and share actionable intelligence with your constituency.
    • Create a deployment strategy to roll out the threat intelligence program.
    • Integrate threat intelligence within your security operations.

    Integrate Threat Intelligence Into Your Security Operations Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should implement a threat intelligence program, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Plan for a threat intelligence program

    Assess current capabilities and define an ideal target state.

    • Integrate Threat Intelligence Into Your Security Operations – Phase 1: Plan for a Threat Intelligence Program
    • Security Pressure Posture Analysis Tool
    • Threat Intelligence Maturity Assessment Tool
    • Threat Intelligence Project Charter Template
    • Threat Intelligence RACI Tool
    • Threat Intelligence Management Plan Template
    • Threat Intelligence Policy Template

    2. Design an intelligence collection strategy

    Understand the different collection solutions to identify which best supports needs.

    • Integrate Threat Intelligence Into Your Security Operations – Phase 2: Design an Intelligence Collection Strategy
    • Threat Intelligence Prioritization Tool
    • Threat Intelligence RFP MSSP Template

    3. Optimize the intelligence analysis process

    Begin analyzing and acting on gathered intelligence.

    • Integrate Threat Intelligence Into Your Security Operations – Phase 3: Optimize the Intelligence Analysis Process
    • Threat Intelligence Malware Runbook Template

    4. Design a collaboration and feedback program

    Stand up an intelligence dissemination program.

    • Integrate Threat Intelligence Into Your Security Operations – Phase 4: Design a Collaboration and Feedback Program
    • Threat Intelligence Alert Template
    • Threat Intelligence Alert and Briefing Cadence Schedule Template
    [infographic]

    Threat Preparedness Using MITRE ATT&CK®

    • Buy Link or Shortcode: {j2store}252|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Security Strategy & Budgeting
    • Parent Category Link: /security-strategy-and-budgeting
    • To effectively protect your business interests, you need to be able to address what the most pressing vulnerabilities in your network are. Which attack vectors should you model first? How do you adequately understand your threat vectors when attacks continually change and adapt?
    • Security can often be asked the world but given a minimal budget with which to accomplish it.
    • Security decisions are always under pressure from varying demands that pull even the most well-balanced security team in every direction.
    • Adequately modeling any and every possible scenario is ineffective and haphazard at best. Hoping that you have chosen the most pressing attack vectors to model will not work in the modern day of threat tactics.

    Our Advice

    Critical Insight

    • Precision is critical to being able to successfully defend against threats.
      • Traditional threat modeling such as STRIDE or PASTA is based on a spray-and-pray approach to identifying your next potential threat vector. Instead, take a structured risk-based approach to understanding both an attacker’s tactics and how they may be used against your enterprise. Threat preparedness requires precision, not guesswork.
    • Knowing is half the battle.
      • You may be doing better than you think. Undoubtedly, there is a large surface area to cover with threat modeling. By preparing beforehand, you can separate what’s important from what’s not and identify which attack vectors are the most pressing for your business.
    • Be realistic and measured.
      • Do not try to remediate everything. Some attack vectors and approaches are nearly impossible to account for. Take control of the areas that have reasonable mitigation methods and act on those.
    • Identify blind spots.
      • Understand what is out there and how other enterprises are being attacked and breached. See how you stack up to the myriad of attack tactics that have been used in real-life breaches and how prepared you are. Know what you’re ready for and what you’re not ready for.
    • Analyze the most pressing vectors.
      • Prioritize the attack vectors that are relevant to you. If an attack vector is an area of concern for your business, start there. Do not cover the entire tactics list if certain areas are not relevant.
    • Detection and mitigation lead to better remediation.
      • For each relevant tactic and techniques, there are actionable detection and mitigation methods to add to your list of remediation efforts.

    Impact and Result

    Using the MITRE ATT&CK® framework, Info-Tech’s approach helps you understand your preparedness and effective detection and mitigation actions.

    • Learn about potential attack vectors and the techniques that hostile actors will use to breach and maintain a presence on your network.
    • Analyze your current protocols versus the impact of an attack technique on your network.
    • Discover detection and mitigation actions.
    • Create a prioritized series of security considerations, with basic actionable remediation items. Plan your next threat model by knowing what you’re vulnerable to.
    • Ensure business data cannot be leaked or stolen.
    • Maintain privacy of data and other information.
    • Secure the network connection points.
    • Mitigate risks with the appropriate services.

    This blueprint and associated tool are scalable for all types of organizations within various industry sectors, allowing them to know what types of risk they are facing and what security services are recommended to mitigate those risks.

    Threat Preparedness Using MITRE ATT&CK® Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why threat preparedness is a crucial first step in defending your network against any attack type. Review Info-Tech’s methodology and understand the ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Attack tactics and techniques

    Review a breakdown of each of the various attack vectors and their techniques for additional context and insight into the most prevalent attack tactics.

    • Threat Preparedness Using MITRE ATT&CK® – Phase 1: Attack Tactics and Techniques

    2. Threat Preparedness Workbook mapping

    Map your current security protocols against the impacts of various techniques on your network to determine your risk preparedness.

    • Threat Preparedness Using MITRE ATT&CK® – Phase 2: Threat Preparedness Workbook Mapping
    • Enterprise Threat Preparedness Workbook

    3. Execute remediation and detective measures

    Use your prioritized attack vectors to plan your next threat modeling session with confidence that the most pressing security concerns are being addressed with substantive remediation actions.

    • Threat Preparedness Using MITRE ATT&CK® – Phase 3: Execute Remediation and Detective Measures
    [infographic]

    Enterprise Architecture Trends

    • Buy Link or Shortcode: {j2store}584|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Strategy & Operating Model
    • Parent Category Link: /strategy-and-operating-model
    • The digital transformation journey brings business and technology increasingly closer.
    • Because the two become more and more intertwined, the role of the enterprise architecture increases in importance, aligning the two in providing additional efficiencies.
    • The current need for an accelerated digital transformation elevates the importance of enterprise architecture.

    Our Advice

    Critical Insight

    • Enterprise architecture is impacted and has an increasing role in the following areas:
      • Business agility
      • Security
      • Innovation
      • Collaborative EA
      • Tools and automation

    Impact and Result

    EA’s role in brokering and negotiating overlapping areas can lead to the creation of additional efficiencies at the enterprise level.

    Enterprise Architecture Trends Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Enterprise Architecture Trends Deck – A trend report to support executives as they digitally transform the enterprise.

    In an accelerated path to digitization, the increasingly important role of enterprise architecture is one of collaboration across siloes, inside and outside the enterprise, in a configurable way that allows for quick adjustment to new threats and conditions, while embracing unprecedented opportunities to scale, stimulating innovation, in order to increase the organization’s competitive advantage.

    • Enterprise Architecture Trends Report

    Infographic

    Further reading

    Enterprise Architecture Trends

    Supporting Executives to Digitally Transform the Enterprise

    Analyst Perspective

    Enterprise architecture, seen as the glue of the organization, aligns business goals with all the other aspects of the organization, providing additional effectiveness and efficiencies while also providing guardrails for safety.

    In an accelerated path to digitization, the increasingly important role of enterprise architecture (EA) is one of collaboration across siloes, inside and outside the enterprise, in a configurable way that allows for quick adjustment to new threats and conditions while embracing unprecedented opportunities to scale, stimulating innovation to increase the organization’s competitive advantage.

    Photo of Milena Litoiu, Principal/Senior Director, Enterprise Architecture, Info-Tech Research Group.

    Milena Litoiu
    Principal/Senior Director, Enterprise Architecture
    Info-Tech Research Group

    Accelerated digital transformation elevates the importance of EA

    The Digital transformation journey brings Business and technology increasingly closer.

    Because the two become more and more intertwined, the role OF Enterprise Architecture increases in importance, aligning the two in providing additional efficiencies.

    THE Current need for an accelerated Digital transformation elevates the importance of Enterprise Architecture.

    More than 70% of organizations revamp their enterprise architecture programs. (Info-Tech Tech Trends 2022 Survey)

    Most organizations still see a significant gap between the business and IT.

    Enterprise Architecture (EA) is impacted and has an increasing role in the following areas

    Accelerated Digital Transformation

    • Business agility Business agility, needed more that ever, increases reliance on enterprise strategies.
      EA creates alignment between business and IT to improve business nimbleness.
    • Security More sophisticated attacks require more EA coordination.
      EA helps adjust to the increasing sophistication of external threats. Partnering with the CISO office to develop strategies to protect the enterprise becomes a prerequisite for survival.
    • Innovation EA's role in an innovation increases synergies at the enterprise level.
      EA plays an increasingly stronger role in innovation, from business endeavors to technology, across business units, etc.
    • Collaborative EA Collaborative EA requires new ways of working.
      Enterprise collaboration gains new meaning, replacing stiff governance.
    • Tools & automation Tools-based automation becomes increasingly common.
      Tools support as well as new artificial intelligence or machine- learning- powered approaches help achieve tools-assisted coordination across viewpoints and teams.

    Info-Tech Insight

    EA's role in brokering and negotiating overlapping areas can lead to the creation of additional efficiencies at the enterprise level.

    EA Enabling Business Agility

    Trend 01 — Business Agility is needed more than ever and THIS increases reliance on enterprise Strategies. to achieve nimbleness, organizations need to adapt timely to changes in the environment.

    Approaches:
    A plethora of approaches are needed (e.g. architecture modularity, data integration, AI/ML) in addition to other Agile/iterative approaches for the entire organization.

    Release management

    • Buy Link or Shortcode: {j2store}9|cart{/j2store}
    • Related Products: {j2store}9|crosssells{/j2store}
    • Up-Sell: {j2store}9|upsells{/j2store}
    • member rating overall impact (scale of 10): 10.0/10
    • member rating average dollars saved: $35,731
    • member rating average days saved: 20
    • Parent Category Name: Infra and Operations
    • Parent Category Link: /infra-and-operations
    Today's world requires frequent and fast deployments. Stay in control with release management.

    External audit company

    External IT audit of your company

    Based on experience
    Implementable advice
    human-based and people-oriented

    Do you seek an external expert to help you prepare for a thorough IT audit of your company? Tymans Group serves as a consulting company with extensive expertise in helping small and medium enterprises. Read on and learn more about how our consulting firm can help your company with an external IT audit.

    Why should you organize an external IT audit of your company?

    Regularly preparing for an IT audit of your company with the help of of an experienced consultancy company like Tymans Group is a great way to discover any weaknesses within your IT and data security management systems, as well as your applications and data architecture, before the real audits by your regulator happen After all, you can only tackle any possible issues when you know their exact nature and origin. Additionally, the sooner you are aware of any security threats in your company thanks to an external audit, the smaller the chances outside forces will be able to take advantage of these threats to harm your business.

    Security and risk management

    Our security and risk services

    Security strategy

    Security Strategy

    Embed security thinking through aligning your security strategy to business goals and values

    Read more

    Disaster Recovery Planning

    Disaster Recovery Planning

    Create a disaster recovey plan that is right for your company

    Read more

    Risk Management

    Risk Management

    Build your right-sized IT Risk Management Program

    Read more

    Check out all our services

    Receive practical solutions when using our guides to prepare you for an external audit.

    If you hire our consultancy firm to prepare for an external IT audit in your firm, our guides will allow you to thoroughly analyze your systems and protocols to discover flaws and threats. Based on this analysis, your firm will receive concrete advice and practical solutions on dealing with the findings of in advance of an external audit. Besides identifying threats, the findings of will also offer your business insights in possible optimizations and processes which could benefit from automation. As such, you benefit from our consultancy company’s extensive experience in corporate security management and IT.

    Book an appointment with our consultancy company to get ahead of an external audit.

    If you hire our consulting company to help you prepare for an IT audit of your firm, you will receive guides that enable you to make a critical analysis of your IT security, as well as practical solutions based on our holistic approach. We are happy to tell you more about our services for small and medium business and to offer insights into any issues you may be facing. Our help is available offline and online, through one-hour talks with our expert Gert Taeymans. Contact us to set up an appointment online or on-site now.

    Continue reading

    The Essential COVID-19 Childcare Policy for Every Organization, Yesterday

    • Buy Link or Shortcode: {j2store}598|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Manage & Coach
    • Parent Category Link: /manage-coach
    • Helping employees navigate personal and business responsibilities to find solutions that ensure both are taken care of.
    • Reducing potential disruption to business operations through employee absenteeism due to increased care-provider responsibilities.

    Our Advice

    Critical Insight

    • Remote work is complicated by children at home with school closures. Implement alternative temporary work arrangements that allow and support employees to balance work and personal obligations.
    • Adjustments to work arrangements and pay may be necessary. Temporary work arrangements while caring for dependents over a longer-term pandemic may require adjustments to the duties carried out, number of hours worked, and adjustments to employee pay.
    • Managing remotely is more than staying in touch by phone. As a leader you will need to provide clear options that provide solutions to your employees to avoid them getting overwhelmed while taking care of the business to ensure there is a business long term.

    Impact and Result

    • Develop a policy that provides parameters around mutually agreed adjustments to performance levels while balancing dependent care with work during a pandemic.
    • Take care of the business through clear guidelines on compensation while taking care of the health and wellness of your people.
    • Develop detailed work-from-home plans that lessen disruption to your work while taking care of children or aged parents.

    The Essential COVID-19 Childcare Policy for Every Organization, Yesterday Research & Tools

    Start here. Read The Essential COVID-19 Childcare Policy for Every Organization, Yesterday

    Read our recommendations and follow the steps to develop a policy that will help your employees work productively while managing care-provider responsibilities at home.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • The Essential COVID-19 Childcare Policy for Every Organization, Yesterday Storyboard
    • Pandemic Dependent Care Policy
    • COVID-19 Dependent Care Policy Manager Action Toolkit
    • COVID-19 Dependent Care Policy Employee Guide
    • Dependent-Flextime Agreement Template
    • Workforce Planning Tool
    • Nine Ways to Support Working Caregivers Today
    • Employee Resource Group (ERG) Charter Template
    [infographic]

    Responsibly Resume IT Operations in the Office

    • Buy Link or Shortcode: {j2store}423|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: DR and Business Continuity
    • Parent Category Link: /business-continuity

    Having shifted operations almost overnight to a remote work environment, and with the crisis management phase of the COVID-19 pandemic winding down, IT leaders and organizations are faced with the following issues:

    • A reduced degree of control with respect to the organization’s assets.
    • Increased presence of unapproved workaround methods, including applications and devices not secured by the organization.
    • Pressure to resume operations at pre-pandemic cadence while still operating in recovery mode.
    • An anticipated game plan for restarting the organization’s project activities.

    Our Advice

    Critical Insight

    An organization’s shift back toward the pre-pandemic state cannot be carried out in isolation. Things have changed. Budgets, resource availability, priorities, etc., will not be the same as they were in early March. Organizations must ensure that all departments work collaboratively to support office repatriation. IT must quickly identify the must-dos to allow safe return to the office, while prioritizing tasks relating to the repopulation of employees, technical assets, and operational workloads via an informed and streamlined roadmap.

    As employees return to the office, PMO and portfolio leaders must sift through unclear requirements and come up with a game plan to resume project activities mid-pandemic. You need to develop an approach, and fast.

    Impact and Result

    Responsibly resume IT operations in the office:

    • Evaluate risk tolerance
    • Prepare to repatriate people to the office
    • Prepare to repatriate assets to the office
    • Prepare to repatriate workloads to the office
    • Prioritize your tasks and build your roadmap

    Quickly restart the engine of your PPM:

    • Restarting the engine of the project portfolio won’t be as simple as turning a key and hitting the gas. The right path forward will differ for every project portfolio practice.
    • Therefore, in this publication we put forth a multi-pass approach that PMO and portfolio managers can follow depending on their unique situations and needs.
    • Each approach is accompanied by a checklist and recommendations for next steps to get you on right path fast.

    Responsibly Resume IT Operations in the Office Research & Tools

    Start here – read the Executive Brief

    As the post-pandemic landscape begins to take shape, ensure that IT can effectively prepare and support your employees as they move back to the office.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Evaluate your new risk tolerance

    Identify the new risk landscape and risk tolerance for your organization post-pandemic. Determine how this may impact the second wave of pandemic transition tasks.

    • Responsibly Resume IT Operations in the Office – Phase 1: Evaluate Your New Risk Tolerance
    • Resume Operations Information Security Pressure Analysis Tool

    2. Repatriate people to the office

    Prepare to return your employees to the office. Ensure that IT takes into account the health and safety of employees, while creating an efficient and sustainable working environment

    • Responsibly Resume IT Operations in the Office – Phase 2: Repatriate People to the Office
    • Mid-Pandemic IT Prioritization Tool

    3. Repatriate assets to the office

    Prepare the organization's assets for return to the office. Ensure that IT takes into account the off-license purchases and new additions to the hardware family that took place during the pandemic response and facilitates a secure reintegration to the workplace.

    • Responsibly Resume IT Operations in the Office – Phase 3: Repatriate Assets to the Office

    4. Repatriate workloads to the office

    Prepare and position IT to support workloads in order to streamline office reintegration. This may include leveraging pre-existing solutions in different ways and providing additional workstreams to support employee processes.

    • Responsibly Resume IT Operations in the Office – Phase 4: Repatriate Workloads to the Office

    5. Prioritize your tasks and build the roadmap

    Once you've identified IT's supporting tasks, it's time to prioritize. This phase walks through the activity of prioritizing based on cost/effort, alignment to business, and security risk reduction weightings. The result is an operational action plan for resuming office life.

    • Responsibly Resume IT Operations in the Office – Phase 5: Prioritize Your Tasks and Build the Roadmap

    6. Restart the engine of your project portfolio

    Restarting the engine of the project portfolio mid-pandemic won’t be as simple as turning a key and hitting the gas. Use this concise research to find the right path forward for your organization.

    • Restart the Engine of Your Project Portfolio
    [infographic]

    Manage Requirements in an Agile Environment

    • Buy Link or Shortcode: {j2store}522|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Requirements & Design
    • Parent Category Link: /requirements-and-design

    The process of navigating from waterfall to Agile can be incredibly challenging. Even more problematic; how do you operate your requirements management practices once there? There traditionally isn’t a role for a business analyst, the traditional keeper of requirements. It isn’t like switching on a light.

    You likely find yourself struggling to deliver high quality solutions and requirements in Agile. This is a challenge for many organizations, regardless of how long they’ve leveraged Agile.

    But you aren’t here for assurances. You’re here for answers and help.

    Our Advice

    Critical Insight

    Agile and requirements management are complementary, not competitors.

    Impact and Result

    Info-Tech’s advice? Why choose? Why have to pick between traditional waterfall and Agile delivery? If Agile without analysis is a recipe for disaster, Agile with analysis is the solution. How can you leverage the Info-Tech approach to align your Agile and requirements management efforts into a powerful combination?

    Manage Requirements in an Agile Environment is your guide.

    Use the contents and exercises of this blueprint to gain a shared understanding of the two disciplines, to find your balance in your approach, to define your thresholds, and ultimately, to prepare for new ways of working.

    Manage Requirements in an Agile Environment Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Manage Requirements in an Agile Environment Blueprint – Agile and Requirements Management are complementary, not competitors

    Provides support and guidance for organizations struggling with their requirements management practices in Agile environments.

    • Manage Requirements in an Agile Environment Storyboard

    2. Agile Requirements Playbook – A practical playbook for aligning your teams, and articulating the guidelines for managing your requirements in Agile.

    The Agile Requirements Playbook becomes THE artifact for your Agile requirements practices. Great for onboarding, reviewing progress, and ensuring a shared understanding of your ways of working.

    • Agile Requirements Playbook

    3. Documentation Calculator – A tool for determining the right level of documentation for your organization, and whether you’re spending too much, or even not enough, on Agile Requirements documentation.

    The Documentation Calculator can inform your documentation decison making, ensuring you're investing just the right amount of time, money, and effort.

    • Documentation Calculator

    4. Agile Requirements Workbook – Supporting tools and templates in advancing your Agile Requirements practice, to be used in conjunction with the Agile Requirements Blueprint, and the Playbook.

    This workbook is designed to capture the results of your exercises in the Manage Requirements in an Agile Environment Storyboard. Each worksheet corresponds to an exercise in the storyboard. This is a tool for you, so customize the content and layout to best suit your product. The workbook is also a living artifact that should be updated periodically as the needs of your team and organization change.

    • Agile Requirements Workbook

    5. Agile Requirements Assessment – Establishes your current Agile requirements maturity, defines your target maturity, and supports planning to get there.

    The Agile Requirements Assessment is a great tool for determining your current capabilities and maturity in Agile and Business Analysis. You can also articulate your target state, which enables the identification of capability gaps, the creation of improvement goals, and a roadmap for maturing your Agile Requirements practice.

    • Agile Requirements Assessment

    Infographic

    Workshop: Manage Requirements in an Agile Environment

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Framing Agile and Business Analysis

    The Purpose

    Sets the context for the organization, to ensure a shared understanding of the benefits of both Agile and business analysis/requirements management.

    Key Benefits Achieved

    Have a shared definition of Agile and business analysis / requirements.

    Understand the current state of Agile and business analysis in your organization.

    Activities

    1.1 Define what Agile and business analysis mean in your organization.

    1.2 Agile requirements assessment.

    Outputs

    Alignment on Agile and business analysis / requirements in your organization.

    A current and target state assessment of Agile and business analysis in your organization.

    2 Tailoring Your Approach

    The Purpose

    Confirm you’re going the right way for effective solution delivery.

    Key Benefits Achieved

    Confirm the appropriate delivery methodology.

    Activities

    2.1 Confirm your selected methodology.

    Outputs

    Confidence in your selected project delivery methodology.

    3 Defining Your Requirements Thresholds

    The Purpose

    Provides the guardrails for your Agile requirements practice, to define a high-level process, roles and responsibilities, governance and decision-making, and how to deal with change.

    Key Benefits Achieved

    Clearly defined interactions between the BA and their partners

    Define a plan for management and governance at the project team level

    Activities

    3.1 Define your agile requirements process.

    3.2 Define your agile requirements RACI.

    3.3 Define your governance.

    3.4 Define your change and backlog refinement plan.

    Outputs

    Agile requirements process.

    Agile requirements RACI.

    A governance and documentation plan.

    A change and backlog refinement approach.

    4 Planning Your Next Steps

    The Purpose

    Provides the action plan to achieve your target state maturity

    Key Benefits Achieved

    Recognize and prepare for the new ways of working for communication, stakeholder engagement, within the team, and across the organization.

    Establish a roadmap for next steps to mature your Agile requirements practice.

    Activities

    4.1 Define your stakeholder communication plan.

    4.2 Identify your capability gaps.

    4.3 Plan your agile requirements roadmap.

    Outputs

    A stakeholder communication plan.

    A list of capability gaps to achieve your desired target state.

    A prioritized roadmap to achieve the target state.

    5 Agile Requirements Techniques (Optional)

    The Purpose

    To provide practical guidance on technique usage, which can enable an improved experience with technical elements of the blueprint.

    Key Benefits Achieved

    An opportunity to learn new tools to support your Agile requirements practice.

    Activities

    5.1 Managing requirements' traceability.

    5.2 Creating and managing user stories.

    5.3 Managing your requirements backlog.

    5.4 Maintaining a requirements library.

    Outputs

    Support and advice for leveraging a given tool or technique.

    Support and advice for leveraging a given tool or technique.

    Support and advice for leveraging a given tool or technique.

    Support and advice for leveraging a given tool or technique.

    Further reading

    Manage Requirements in an Agile Environment

    Agile and requirements management are complementary, not competitors

    Analyst's Perspective

    The temptation when moving to Agile is to deemphasize good requirements practices in favor of perceived speed. If you're not delivering on the needs of the business then you have failed, regardless of how fast you've gone.

    Delivery in Agile doesn't mean you stop needing solid business analysis. In fact, it's even more critical, to ensure your products and projects are adding value. With the rise of Agile, the role of the business analyst has been misunderstood.

    As a result, we often throw out the analysis with the bathwater, thinking we'll be just fine without analysis, documentation, and deliberate action, as the speed and dexterity of Agile is enough.

    Consequently, what we get is wasted time, money, and effort, with solutions that fail to deliver value, or need to be re-worked to get it right.

    The best organizations find balance between these two forces, to align, and gain the benefits of both Agile and business analysis, working in tandem to manage requirements that bring solutions that are "just right".

    This is a picture of Vincent Mirabelli

    Vincent Mirabelli
    Principal Research Director, Applications Delivery and Management
    Info-Tech Research Group

    EXECUTIVE BRIEF

    Executive Summary

    Your Challenge

    The process of navigating from waterfall to Agile can be incredibly challenging. And even more problematic; how do you operate your requirements management practices once there? Since there traditionally isn't a role for a business analyst; the traditional keeper of requirements. it isn't like switching on a light.

    You likely find yourself struggling to deliver high quality solutions and requirements in Agile. This is a challenge for many organizations, regardless of how long they've leveraged Agile.

    But you aren't here for assurances. You're here for answers and help.

    Common Obstacles

    many organizations and teams face is that there are so busy doing Agile that they fail to be Agile.

    Agile was supposed to be the saving grace of project delivery but is misguided in taking the short-term view of "going quickly" at the expense of important elements, such as team formation and interaction, stakeholder engagement and communication, the timing and sequencing of analysis work, decision-making, documentation, and dealing with change.

    The idea that good requirements just happen because you have user stories is wrong. So, requirements remain superficial, as you "can iterate later"…but sometimes later never comes, or doesn't come fast enough.

    Organizations need to be very deliberate when aligning their Agile and requirements management practices. The work is the same. How the work is done is what changes.

    Info-Tech's Approach

    Infotech's advice? Why choose? Why have to pick between traditional waterfall and Agile delivery? If Agile without analysis is a recipe for disaster, Agile with analysis is the solution. And how can you leverage the Info-Tech approach to align your Agile and requirements management efforts into a powerful combination?

    Manage Requirements in an Agile Environment is your guide.

    Use the contents and exercises of this blueprint to gain a shared understanding of the two disciplines, to find your balance in your approach, to define your thresholds, and ultimately, to prepare for new ways of working.

    Info-Tech Insight

    Agile and requirements management are complementary, not competitors.

    The temptation when moving to Agile is to deemphasize good requirements practices in favor of perceived speed. If you're not delivering on the needs of the business, then you have failed, regardless of how fast you've gone.

    Insight summary

    Overarching insight

    Agile and requirements management are complementary, not competitors.

    The temptation when moving to Agile is to deemphasize good requirements practices in favor of perceived speed. If you're not delivering on the needs of the business, then you have failed, regardless of how fast you've gone

    Phase 1 insight

    • The purpose of requirements in waterfall is for approval. The purpose in Agile is for knowledge management, as Agile has no memory.
    • When it comes to the Agile manifesto, "over" does not mean "instead of".
    • In Agile, the what of business analysis does doesn't change. What does change is the how and when that work happens.

    Phase 2 insight

    • Understand your uncertainties; it's a great way to decide what level of Agile (if any) is needed.
    • Finding your "Goldilocks" zone will take time. Be patient.

    Phase 3 insight

    • Right-size your governance, based on team dynamics and project complexity. A good referee knows when to step in, and when to let the game flow.
    • Agile creates a social contract amongst the team, and with their leaders and organization.
    • Documentation needs to be valuable. Do what is acceptable and necessary to move work to future steps. Not documenting also comes with a cost, but one you pay in the future. And that bill will come due, with interest (aka, technical debt, operational inefficiencies, etc.).
    • A lack of acceptable documentation makes it more difficult to have agility. You're constantly revalidating your current state (processes, practices and structure) and re-arguing decisions already made. This slows you down more than maintaining documentation ever would.

    Phase 4 insight

    • Making Agile predictable is hard, because people are not predictable; people are prone to chaos.

    There have been many challenges with waterfall delivery

    It turns out waterfall is not that great at reducing risk and ensuring value delivery after all

    • Lack of flexibility
    • Difficulty in measuring progress
    • Difficulties with scope creep
    • Limited stakeholder involvement
    • Long feedback loops

    48%
    Had project deadlines more than double

    85%
    Exceeded their original budget by at least 20%

    25%
    At least doubled their original budget

    This is an image of the waterfall project results

    Source: PPM Express.

    Agile was meant to address the shortcomings of waterfall

    The wait for solutions was too long for our business partners. The idea of investing significant time, money, and resources upfront, building an exhaustive and complete vision of the desired state, and then waiting months or even years to get that solution, became unpalatable for them. And rightfully so. Once we cast a light on the pains, it became difficult to stay with the status quo. Given that organizations evolve at a rapid pace, what was a pain at the beginning of an initiative may not be so even 6 months later.

    Agile became the answer.

    Since its' first appearance nearly 20 years ago, Agile has become the methodology of choice for a many of organizations. According to the 15th Annual State of Agile report, Agile adoption within software development teams increased from 37% in 2020 to 86% in 2021.

    Adopting Agile led to challenges with requirements

    Requirements analysis, design maturity, and management are critical for a successful Agile transformation.

    "One of the largest sources of failure we have seen on large projects is an immature Agile implementation in the context of poorly defined requirements."
    – "Large Scale IT Projects – From Nightmare to Value Creation"

    "Requirements maturity is more important to project outcomes than methodology."
    – "Business Analysis Benchmark: Full Report"

    "Mature Agile practices spend 28% of their time on analysis and design."
    – "Quantitative Analysis of Agile Methods Study (2017): Twelve Major Findings"

    "There exists a Requirements Premium… organizations using poor practices spent 62% more on similarly sized projects than organizations using the best requirements practices."
    – "The Business Case for Agile Business Analysis" - Requirements Engineering Magazine

    Strong stakeholder satisfaction with requirements results in higher satisfaction in other areas

    This is an image of a bar graph comparing the percentage of respondents with high stakeholder satisfaction, to the percentage of respondents with low stakeholder satisfaction for four different categories.  these include: Availability of IT Capacity to Complete Projects; Overall IT Projects; IT Projects Meet Business Needs; Overall IT Satisfaction

    N= 324 small organizations from Info-Tech Research Group's CIO Business Vision diagnostic.

    Note: High satisfaction was classified as organizations with a score greater or equal to eight and low satisfaction was every organization that scored below eight on the same questions.

    Info-Tech's Agile requirements framework

    This is an image of Info-Tech's Agile requirements framework.  The three main categories are: Sprint N(-1); Sprint N; Sprint N(+1)

    Agile requirements are a balancing act

    Collaboration

    Many subject matter experts are necessary to create accurate requirements, but their time is limited too.

    Communication

    Stakeholders should be kept informed throughout the requirements gathering process, but you need to get the right information to the right people.

    Documentation

    Recording, organizing, and presenting requirements are essential, but excessive documentation will slow time to delivery.

    Control

    Establishing control points in your requirements gathering process can help confirm, verify, and approve requirements accurately, but stage gates limit delivery.

    What changes for the business analyst?

    In Agile, the what of business analysis does not change.

    What does change is the how and when that work happens.

    Business analysts need to focus on six key elements when managing requirements in Agile.

    • Team formation and interaction
    • Stakeholder engagement and communication
    • The timing and sequencing of their work
    • Decision-making
    • Documentation
    • Dealing with change

    Where does the business analysis function fit on an Agile team?

    Team formation is key, as Agile is a team sport

    A business analyst in an Agile team typically interacts with several different roles, including:

    • The product owner,
    • The Sponsor or Executive
    • The development team,
    • Other stakeholders such as customers, end-users, and subject matter experts
    • The Design team,
    • Security,
    • Testing,
    • Deployment.

    This is an image the roles who typically interact with a Business Analyst.

    How we do our requirements work will change

    • Team formation and interaction
    • Stakeholder engagement and communication
    • The timing and sequencing of their work
    • Decision-making
    • Documentation
    • Dealing with change

    As a result, you'll need to focus on;

    • Emphasizing flexibility
    • Enabling continuous delivery
    • Enhancing collaboration and communication
    • Developing a user-centered approach

    Get stakeholders on board with Agile requirements

    1. Stakeholder feedback and management support are key components of a successful Agile Requirements.
    2. Stakeholders can see a project's progression and provide critical feedback about its success at critical milestones.
    3. Management helps teams succeed by trusting them to complete projects with business value at top of mind and by removing impediments that are inhibiting their productivity.
    4. Agile will bring a new mindset and significant numbers of people, process, and technology changes that stakeholders and management may not be accustomed to. Working through these issues in requirements management enables a smoother rollout.
    5. Management will play a key role in ensuring long-term Agile requirements success and ultimately rolling it out to the rest of the organization.
    6. The value of leadership involvement has not changed even though responsibilities will. The day-to-day involvement in projects will change but continual feedback will ultimately dictate the success or failure of a project.

    Measuring your success

    Tracking metrics and measuring your progress

    As you implement the actions from this Blueprint, you should see measurable improvements in;

    • Team and stakeholder satisfaction
    • Requirements quality
    • Documentation cost

    Without sacrificing time to delivery

    Metric Description and motivation
    Team satisfaction (%) Expect team satisfaction to increase as a result of clearer role delineation and value contribution.
    Stakeholder satisfaction (%) Expect Stakeholder satisfaction to similarly increase, as requirements quality increases, bringing increased value
    Requirements rework Measures the quality of requirements from your Agile Projects. Expect that the Requirements Rework will decrease, in terms of volume/frequency.
    Cost of documentation Quantifies the cost of documentation, including Elicitation, Analysis, Validation, Presentation, and Management
    Time to delivery Balancing Metric. We don't want improvements in other at the expense of time to delivery

    Info-Tech's methodology for Agile requirements

    1. Framing Agile and Business Analysis

    2. Tailoring Your Approach

    3. Defining Your Requirements Thresholds

    4. Planning Your Next Steps

    Phase Activities

    1.1 Understand the benefits and limitations of Agile and business analysis

    1.2 Align Agile and business analysis within your organization

    2.1 Decide the best-fit approach for delivery

    2.2 Manage your requirements backlog

    3.1 Define project roles and responsibilities

    3.2 Define your level of acceptable documentation

    3.3 Manage requirements as an asset

    3.4 Define your requirements change management plan

    4.1 Preparing new ways of working

    4.2 Develop a roadmap for next steps

    Phase Outcomes

    Recognize the benefits and detriments of both Agile and BA.

    Understand the current state of Agile and business analysis in your organization.

    Confirm the appropriate delivery methodology.

    Manage your requirements backlog.

    Connect the business need to user story.

    Clearly defined interactions between the BA and their partners.

    Define a plan for management and governance at the project team level.

    Documentation and tactics that are right-sized for the need.

    Recognize and prepare for the new ways of working for communication, stakeholder engagement, within the team, and across the organization.

    Establish a roadmap for next steps to mature your Agile requirements practice.

    Blueprint tools and templates

    Key deliverable:

    This is a screenshot from the Agile Requirements Playbook

    Agile Requirements Playbook

    A practical playbook for aligning your teams and articulating the guidelines for managing your requirements in Agile

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    This is a screenshot from the Documentation Calculator

    Documentation Calculator

    A tool to help you answer the question: What is the right level of Agile requirements documentation for my organization?

    This is a screenshot from the Agile Requirements Assessment

    Agile Requirements Assessment

    Establishes your current maturity level, defines your target state, and supports planning to get there.

    This is a screenshot from the Agile Requirements Workbook

    Agile Requirements Workbook

    Supporting tools and templates in advancing your Agile requirements practice, to be used with the Agile Requirements Blueprint and Playbook.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4 Day 5
    1. Framing Agile and Business Analysis / 2. Tailoring Your Approach 3. Defining Your Requirements
    Thresholds
    3. Defining Your Requirements Thresholds / 4. Planning Your Next Steps (OPTIONAL) Agile Requirements Techniques (a la carte) Next Steps and Wrap-Up (Offsite)

    Activities

    What does Agile mean in your organization? What do requirements mean in your organization?

    Agile Requirements Assessment

    Confirm your selected methodology

    Define your Agile requirements process

    Define your Agile requirements RACI (Optional)

    Define your Agile requirements governance

    Defining your change management plan

    Define your

    communication plan

    Capability gap list

    Planning your Agile requirements roadmap

    Managing requirements traceability

    Creating and managing user stories

    Managing your requirements backlog

    Maintaining a requirements library

    Develop Agile Requirements Playbook

    Complete in-progress deliverables from previous four days.

    Set up review time for workshop deliverables and next steps

    Outcomes

    Shared definition of Agile and business analysis / requirements

    Understand the current state of Agile and business analysis in your organization

    Agile requirements process

    Agile requirements RACI (Optional)

    Defined Agile requirements governance and documentation plan

    Change and backlog refinement plan

    Stakeholder communication plan

    Action plan and roadmap for maturing your Agile requirements practice

    Practical knowledge and practice about various tactics and techniques in support of your Agile requirements efforts

    Completed Agile Requirements Playbook

    Guided Implementation

    Phase 1 Phase 2 Phase 3 Phase 4

    Call #1: Scope objectives, and your specific challenges.

    Call #4: Define your approach to project delivery.

    Call #6: Define your Agile requirements process.

    Call #9: Identify gaps from current to target state maturity.

    Call #2: Assess current maturity.

    Call #5: Managing your requirements backlog.

    Call #7: Define roles and responsibilities.

    Call #10: Pprioritize next steps to mature your Agile requirements practice.

    Call #3: Identify target-state capabilities.

    Call #8: Define your change and backlog refinement approach.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 10 calls over the course of 4 to 6 months.

    Framing Agile and Business Analysis

    Phase 1

    Framing Agile and Business Analysis

    Phase 1Phase 2Phase 3Phase 4

    1.1 Understand the benefits and limitations of Agile and business analysis

    1.2 Align Agile and business analysis within your organization

    2.1 Confirm the best-fit approach for delivery

    2.2 manage your requirements backlog

    3.1 Define project roles and responsibilities

    3.2 define your level of acceptable documentation

    3.3 Manage requirements as an asset

    3.4 Define your requirements change management plan

    4.1 Preparing new ways of working

    4.2 Develop a roadmap for next steps

    This phase will walk you through the following activities:

    • EXERCISE: What do Agile and requirements mean in your organization?
    • ASSESSMENT: Agile requirements assessment
    • KEY DELIVERABLE: Agile Requirements Playbook

    This phase involves the following participants:

    • Business analyst and project team
    • Stakeholders
    • Sponsor/Executive

    Managing Requirements in an Agile Environment

    Step 1.1

    Understand the benefits and limitations of Agile and business analysis

    Activities

    1.1.1 Define what Agile and business analysis mean in your organization

    This step involves the following participants:

    • Business analyst and project team
    • Sponsor/Executive

    Outcomes of this step

    • Recognize the benefits and detriments of both Agile and business analysis

    Framing Agile and Business Analysis

    There have been many challenges with waterfall delivery

    It turns out waterfall is not that great at reducing risk and ensuring value delivery after all

    • Lack of flexibility
    • Difficulty in measuring progress
    • Difficulties with scope creep
    • Limited stakeholder involvement
    • Long feedback loops

    48%
    Had project deadlines more than double

    85%
    Exceeded their original budget by at least 20%

    25%
    At least doubled their original budget

    This is an image of the Waterfall Project Results

    Source: PPM Express.

    Business analysis had a clear home in waterfall

    Business analysts had historically been aligned to specific lines of business, in support of their partners in their respective domains. Somewhere along the way, the function was moved to IT. Conceptually this made sense, in that it allowed BAs to provide technical solutions to complex business problems. This had the unintended result of lost domain knowledge, and connection to the business.

    It all starts with the business. IT enables business goals. The closer you can get to the business, the better.

    Business analysts were the main drivers of helping to define the business requirements, or needs, and then decompose those into solution requirements, to develop the best option to solve those problems, or address those needs. And the case for good analysis was clear. The later a poor requirement was caught, the more expensive it was to fix. And if requirements were poor, there was no way to know until much later in the project lifecycle, when the cost to correct them was exponentially higher, to the tune of 10-100x the initial cost.

    This is an image of a graph showing the cost multiplier for Formulating Requirements, Architecture Design, Development, Testing and, Operations

    Adapted from PPM Express. "Why Projects Fail: Business Analysis is the Key".

    Agile was meant to address the shortcomings of waterfall

    The wait for solutions was too long for our business partners. The idea of investing significant time, money, and resources upfront, building an exhaustive and complete vision of the desired state, and then waiting months or even years to get that solution became unpalatable for them. And rightfully so. Once we cast a light on the pains, it became difficult to stand pat in the current state. And besides, organizations evolve at a rapid pace. What was a pain at the beginning of an initiative may not be so even six months later.

    Agile became the answer.

    Since its first appearance nearly 20 years ago, Agile has become the methodology of choice for a huge swathe of organizations. According to the 15th Annual State of Agile report, Agile adoption within software development teams increased from 37% in 2020 to 86% in 2021.

    To say that's significant is an understatement.

    The four core values of Agile helped shift focus

    According to the Agile manifesto, "We value. . ."

    This is an image of what is valued according to the Agile Manifesto.

    "…while there is value in the items on the right, we value the items on the left more."

    Source: Agilemanifesto, 2001

    Agile has made significant inroads in IT and beyond

    94% of respondents report using Agile practices in their organization

    according to Digital.AI's "The 15th State of Agile Report"

    That same report notes a steady expansion of Agile outside of IT, as other areas of the organization seek to benefit from increased agility and responsiveness, including Human Resources, Finance and Marketing.

    While it addressed some problems…

    This is an image of the Waterfall Project Results, compared to Agile Product Results.

    "Agile projects are 37% faster to market than [the] industry average"

    (Requirements Engineering Magazine, 2017)

    • Business requirements documents are massive and unreadable
    • Waterfall erects barriers and bottlenecks between the business and the development team
    • It's hard to define the solution at the outset of a project
    • There's a long turnaround between requirements work and solution delivery
    • Locking in requirements dictates an often-inflexible solution. And the costs to make changes tend to add up.

    …Implementing Agile led to other challenges

    This is an image of a series of thought bubbles, each containing a unique challenge resulting from implementing Agile.

    Adopting Agile led to challenges with requirements

    Requirements analysis, design maturity, and management are critical for a successful Agile transformation.

    "One of the largest sources of failure we have seen on large projects is an immature Agile implementation in the context of poorly defined requirements."
    – BCG, 2015

    "Requirements maturity is more important to project outcomes than methodology."
    – IAG Consulting, 2009.

    "Mature Agile practices spend 28% of their time on analysis and design."
    – InfoQ, 2017."

    "There exists a Requirements Premium… organizations using poor practices spent 62% more on similarly sized projects than organizations using the best requirements practices."
    – Requirements Engineering Magazine, 2017

    Strong stakeholder satisfaction with requirements results in higher satisfaction in other areas

    This is an image of a bar graph comparing the percentage of respondents with high stakeholder satisfaction, to the percentage of respondents with low stakeholder satisfaction for four different categories.  these include: Availability of IT Capacity to Complete Projects; Overall IT Projects; IT Projects Meet Business Needs; Overall IT Satisfaction

    N= 324 small organizations from Info-Tech Research Group's CIO Business Vision diagnostic.

    Note: High satisfaction was classified as organizations with a score greater or equal to eight and low satisfaction was every organization that scored below eight on the same questions.

    Agile is being misinterpreted as an opportunity to bypass planning and analysis activities

    Agile is a highly effective tool.

    This isn't about discarding Agile. It is being used for things completely outside of what was originally intended. When developing products or code, it is in its element. However, outside of that realm, its being used to bypass business analysis activities, which help define the true customer and business need.

    Business analysts were forced to adapt and shift focus. Overnight they morphed into product owners, or no longer had a place on the team. Requirements and analysis took a backseat.

    The result?

    Increased rework, decreased stakeholder satisfaction, and a lot of wasted money and effort.

    "Too often, the process of two-week sprints becomes the thing, and the team never gets the time and space to step back and obsess over what is truly needed to delight customers."
    Harvard Business Review, 9 April 2021.

    Info-Tech Insight

    Requirements in Agile are the same, but the purpose of requirements changes.

    • The purpose of requirements in waterfall is for stakeholder approval.
    • The purpose of requirements in Agile is knowledge management; to maintain a record of the current state.

    Many have misinterpreted the spirit of Agile and waterfall

    The stated principles of waterfall say nothing of how work is to be linear.

    This is an image of a comparison between using Agile and Being Prescriptive.This is an image of Royce's 5 principles for success.

    Source: Royce, Dr. Winston W., 1970.

    For more on Agile methodology, check out Info-Tech's Agile Research Centre

    How did the pendulum swing so far?

    Shorter cycles of work made requirements management more difficult. But the answer isn't to stop doing it.

    Organizations went from engaging business stakeholders up front, and then not until solution delivery, to forcing those partners to give up their resources to the project. From taking years to deliver a massive solution (which may or may not even still fit the need) to delivering in rapid cycles called sprints.

    This tug-of-war is costing organizations significant time, money, and effort.

    Your approach to requirements management needs to be centered. We can start to make that shift by better aligning our Agile and business analysis practices. Outside of the product space, Agile needs to be combined with other disciplines (Harvard Business Review, 2021) to be effective.

    Agility is important. Though it is not a replacement for approach or strategy (RCG Global Services, 2022). In Agile, team constraints are leveraged because of time. There is a failure to develop new capabilities to address the business needs Harvard Business Review, 2021).

    Agility needs analysis.

    Agile requirements are a balancing act

    Collaboration

    Many subject matter experts are necessary to create accurate requirements, but their time is limited too.

    Communication

    Stakeholders should be kept informed throughout the requirements gathering process, but you need to get the right information to the right people.

    Documentation

    Recording, organizing, and presenting requirements are essential, but excessive documentation will slow time to delivery.

    Control

    Establishing control points in your requirements gathering process can help confirm, verify, and approve requirements accurately, but stage gates limit delivery.

    Start by defining what the terms mean in your organization

    We do this because there isn't even agreement by the experts on what the terms "Agile" and "business analysis" mean, so let's establish a definition within the context of your organization.

    1.1.1 What do Agile and business analysis mean in your organization?

    Estimated time: 30 Minutes

    1. Explore the motivations behind the need for aligning Agile with business analysis. Are there any current challenges related to outputs, outcomes, quality? How can the team and organization align the two more effectively for the purposes of requirements management?
    2. Gather the appropriate stakeholders to discuss their definition of the terms "Agile" and "business analysis" It can be related to their experience, practice, or things they've read or heard.
    3. Brainstorm and document all shared thoughts and perspectives.
    4. Synthesize those thoughts and perspectives into a shared definition of each term, of a sentence or two.
    5. Revisit this definition as needed, and as your Agile requirements efforts evolve.

    Input

    • Challenges and experiences/perspectives related to Agile and business requirements

    Output

    • A shared definition of Agile and business analysis, to help guide alignment on Agile requirements management

    Materials

    • Agile Requirements Workbook

    Participants

    • Business Analyst(s)
    • Project Team
    • Sponsor/Executive
    • Relevant Stakeholders

    Build your Agile Requirements Playbook

    Keep the outcomes of this blueprint in a single document

    Share at the beginning of a new project, as part of team member onboarding, and revisit as your practice matures.

    This is a series of three screenshots from the Agile Requirements Playbook.

    Your Agile Requirements Playbook will include

    • Your shared definition of Agile and business analysis for your organization
    • The Agile Requirements Maturity Assessment
    • A Methodology Selection Matrix
    • Agile requirements RACI
    • A defined Agile requirements process
    • Documentation Calculator
    • Your Requirements Repository Information
    • Capability Gap List (from current to target state)
    • Target State Improvement Roadmap and Action Plan

    Step 1.2

    Align Agile and Business Analysis Within Your Organization

    Activities

    1.2.1 Assess your Agile requirements maturity

    This step involves the following participants:

    • Business Analyst and Project Team
    • Stakeholders
    • Sponsor/Executive

    Outcomes of this step

    • Complete the Agile Requirements Maturity Assessment to establish your current and target states

    Framing Agile and Business Analysis

    Consider the question: "Why Agile?"

    What is the driving force behind that decision?

    There are many reasons to leverage the power of Agile within your organization, and specifically as part of your requirements management efforts. And it shouldn't just be to improve productivity. That's only one aspect.
    Begin by asking, "Why Agile?" Are you looking to improve:

    • Time to market
    • Team engagement
    • Product quality
    • Customer satisfaction
    • Stakeholder engagement
    • Employee satisfaction
    • Consistency in delivery of value
    • Predictably of your releases

    Or a combination of the above?

    Info-Tech Insight

    Project delivery methodologies aren't either/or. You don't have to be 100% waterfall or 100% Agile. Select the right approach for your project, product, or service.

    In the end, your business partners don't want projects delivered faster, they want value faster!

    For more on understanding Agile, check out the Implement Agile Practices That Work Blueprint

    Responses to a 2019 KPMG survey:

    13% said that their top management fully supports Agile transformation.

    76% of organizations did not agree that their organization supports Agile culture.

    62% of top management believe Agile has no implications for them.

    What changes for the business analyst?

    Business analysts need to focus on six key elements when managing requirements in Agile.

    • Team formation and interaction
    • Stakeholder engagement and communication
    • The timing and sequencing of their work
    • Decision-making
    • Documentation
    • Dealing with change

    In Agile, the what of business analysis does not change.

    What does change is the how and when that work happens.

    1.2.1 Assess your Agile requirements maturity

    This is a series of screenshots from the Agile Requirements Maturity Assessment.

    1.2.1 Assess your Agile requirements maturity

    Estimated time: 30 Minutes

      1. Using the Agile Requirements Maturity Assessment, gather all appropriate stakeholders, and discuss and score the current state of your practice. Scoring can be done by:
        1. Consensus: Generally better with a smaller group, where the group agrees the score and documents the result
        2. Average: Have everyone score individually, and aggregate the results into an average, which is then entered.
        3. Weighted Average: As above, but weight the individual scores by individual or line of business to get a weighted average.
      2. When current state is complete, revisit to establish target state (or hold as a separate session) using the same scoring approach as in current state.
        1. Recognize that there is a cost to maturity, so don't default to the highest score by default.
        2. Resist the urge at this early stage to generate ideas to navigate from current to target state. We will re-visit this exercise in Phase 4, once we've defined other pieces of our process and practice.

    Input

    • Participant knowledge and experience

    Output

    • A current and target state assessment of your Agile requirements practice

    Materials

    • Agile Requirements Maturity Assessment

    Participants

    • Business Analyst(s)
    • Project Team
    • Sponsor/Executive
    • Relevant Stakeholders

    Tailoring Your Approach

    Phase 2

    Phase 1Phase 2Phase 3Phase 4

    1.1 Understand the benefits and limitations of Agile and business analysis

    1.2 Align Agile and business analysis within your organization

    2.1 Confirm the best-fit approach for delivery

    2.2 manage your requirements backlog

    3.1 Define project roles and responsibilities

    3.2 define your level of acceptable documentation

    3.3 Manage requirements as an asset

    3.4 Define your requirements change management plan

    4.1 Preparing new ways of working

    4.2 Develop a roadmap for next steps

    This phase will walk you through the following activities:

    • Selecting the appropriate delivery methodology
    • Managing your requirements backlog
    • Tracing from business need to user story

    This phase involves the following participants:

    • Business Analyst(s)
    • Project Team
    • Sponsor/Executive
    • Relevant Stakeholders

    Managing Requirements in an Agile Environment

    Step 2.1

    Confirm the Best-fit Approach for Delivery

    Activities

    2.1.1 Confirm your methodology

    This step involves the following participants:

    • Business Analyst(s)
    • Project Team
    • Sponsor/Executive
    • Relevant Stakeholders

    Outcomes of this step

    • A review of potential delivery methodologies to select the appropriate, best-fit approach to your projects

    Confirming you're using the best approach doesn't have be tricky

    Selecting the right approach (or confirming you're on the right track) is easier when you assess two key inputs to your project; your level of certainty about the solution, and the level of complexity among the different variables and inputs to your project, such as team experience and training, the number of impacted stakeholders or context. lines of business, and the organizational

    Solution certainty refers to the level of understanding of the problem and the solution at the start of the project. In projects with high solution certainty, the requirements and solutions are well defined, and the project scope is clear. In contrast, projects with low solution certainty have vague or changing requirements, and the solutions are not well understood.

    Project complexity refers to the level of complexity of the project, including the number of stakeholders, the number of deliverables, and the level of technical complexity. In projects with high complexity, there are many stakeholders with different priorities, many deliverables, and high technical complexity. In contrast, projects with low complexity have fewer stakeholders, fewer deliverables, and lower technical complexity.

    "Agile is a fantastic approach when you have no clue how you're going to solve a problem"

    • Ryan Folster, Consulting Services Manager, Business Analysis, Dimension Data

    Use Info-Tech's methodology selection matrix

    Waterfall methodology is best suited for projects with high solution certainty and high complexity. This is because the waterfall model follows a linear and sequential approach, where each phase of the project is completed before moving on to the next. This makes it ideal for projects where the requirements and solutions are well-defined, and the project scope is clear.

    On the other hand, Agile methodology is best suited for projects with low solution certainty. Agile follows an iterative and incremental approach, where the requirements and solutions are detailed and refined throughout the project. This makes it ideal for projects where the requirements and solutions are vague or changing.

    Note that there are other models that exist for determining which path to take, should this approach not fit within your organization.

    Use info-tech's-methodology-selection-matrix

    This is an image of Info-Tech’s methodology selection matrix

    Adapted from The Chaos Report, 2015 (The Standish Group)

    Download the Agile Requirements Workbook

    2.1.1 Confirm your methodology

    Estimated time: 30 Minutes

    1. Using the Agile Requirements Workbook, find the tab labelled "Methodology Assessment" and answer the questions to establish your complexity and certainty scores, where;

    1 = Strongly disagree
    2 = Disagree
    3 = Neutral
    4 = Agree
    5 = Strongly agree.

    1. In the same workbook, plot the results in the grid on the tab labelled "Methodology Matrix".
    2. Projects falling into Green are good fits for Agile. Yellow are viable. And Red may not be a great fit for Agile.
    3. Note: Ultimately, the choice of methodology is yours. Recognize there may be additional challenges when a project is too complex, or uncertainty is high.

    Input

    • Current project complexity and solution certainty

    Output

    • A clear choice of delivery methodology

    Materials

    • Agile Requirements Workbook

    Participants

    • Business Analyst(s)
    • Project Team
    • Sponsor/Executive
    • Relevant Stakeholders

    Step 2.2

    Manage Your Requirements Backlog

    Activities

    2.2.1 Create your user stories

    This step involves the following participants:

    • Business Analyst(s)
    • Project Team
    • Sponsor/Executive
    • Relevant Stakeholders

    Outcomes of this step

    • Understand how to convert requirements into user stories, which populate the Requirements Backlog.

    Tailoring Your Approach

    There is a hierarchy to requirements

    This is a pyramid, with the base being: Solution Requirements; The middle being: Stakeholder Requirements; and the Apex being: Business Requirements.
    • Higher-level statements of the goals, objectives, or needs of the enterprise.
    • Business requirements focus on the needs of the organization, and not the stakeholders within it.

    Defines

    Intended benefits and outcomes

    • Statements of the needs of a particular stakeholder or class of stakeholders, and how that stakeholder will interact with a solution.

    Why it is needed, and by who

    • Describes the characteristics of a solution that meets business requirements and stakeholder requirements. Functional describes the behavior and information that the solution will manage. They describe capabilities the system will be able to perform in terms of behaviors or operations. Non-functional represents constraints on the ultimate solution and tends to be less negotiable.

    What is needed, and how its going to be achieved

    Connect the dots with a traceability matrix

    Business requirements describe what a company needs in order to achieve its goals and objectives. Solution requirements describe how those needs will be met. User stories are a way to express the functionality that a solution will provide from the perspective of an end user.

    A traceability matrix helps clearly connect and maintain your requirements.

    To connect business requirements to solution requirements, you can start by identifying the specific needs that the business has and then determining how those needs can be met through technology or other solutions; or what the solution needs to do to meet the business need. So, if the business requirement is to increase online sales, a solution requirement might include implementing a shopping cart feature on your company website.

    Once you have identified the solution requirements, you can then use those to create user stories. A user story describes a specific piece of functionality that the solution will provide from the perspective of a user.

    For example, "As a customer, I want to be able to add items to my shopping cart so that I can purchase them." This user story is directly tied to the solution requirement of implementing a shopping cart feature.

    Tracing from User Story back up to Business Requirement is essential in ensuring your solutions support your organization's strategic vison and objectives.

    This is an image of a traceability matrix for Business Requirements.

    Download the Info-Tech Requirements Traceability Matrix

    Improve the quality of your solution requirements

    A solution requirement is a statement that clearly outlines the functional capability that the business needs from a system or application.

    There are several attributes to look for in requirements:

    Verifiable

    Unambiguous

    Complete

    Consistent

    Achievable

    Traceable

    Unitary

    Agnostic

    Stated in a way that can be easily tested

    Free of subjective terms and can only be interpreted in one way

    Contains all relevant information

    Does not conflict with other requirements

    Possible to accomplish with budgetary and technological constraints

    Trackable from inception through to testing

    Addresses only one thing and cannot be decomposed into multiple requirements

    Doesn't pre-suppose a specific vendor or product

    For more on developing high quality requirements, check out the Improve Requirements Gathering Blueprint

    Prioritize your requirements

    When everything is a priority, nothing is a priority.

    Prioritization is the process of ranking each requirement based on its importance to project success. Each requirement should be assigned a priority level. The delivery team will use these priority levels to ensure efforts are targeted toward the proper requirements as well as to plan features available on each release. Use the MoSCoW Model of Prioritization to effectively order your requirements.

    The MoSCoW Model of Prioritization

    This is an image of The MoSCoW Model of Prioritization

    The MoSCoW model was introduced by Dai Clegg of Oracle UK in 1994

    (Source: ProductPlan).

    Base your prioritization on the right set of criteria

    Criteria Description
    Regulatory and legal compliance These requirements will be considered mandatory.
    Policy compliance Unless an internal policy can be altered or an exception can be made, these requirements will be considered mandatory.
    Business value significance Give a higher priority to high-value requirements.
    Business risk Any requirement with the potential to jeopardize the entire project should be given a high priority and implemented early.
    Likelihood of success Especially in proof-of-concept projects, it is recommended that requirements have good odds.
    Implementation complexity Give a higher priority to low implementation difficulty requirements.
    Alignment with strategy Give a higher priority to requirements that enable the corporate strategy.
    Urgency Prioritize requirements based on time sensitivity.
    Dependencies A requirement on its own may be low priority, but if it supports a high-priority requirement, then its priority must match it.

    Info-Tech Insight

    It is easier to prioritize requirements if they have already been collapsed, resolved, and rewritten. There is no point in prioritizing every requirement that is elicited up front when some of them will eventually be eliminated.

    Manage solution requirements in a Product backlog

    What is a backlog?

    Agile teams are familiar with the use of a Sprint Backlog, but in Requirements Management, a Product Backlog is a more appropriate choice.

    A product backlog and a Sprint backlog are similar in that they are both lists of items that need to be completed in order to deliver a product or project, but there are some key differences between the two.

    A product backlog is a list of all the features, user stories, and requirements that are needed for a product or project. It is typically created and maintained by the business analyst or product owner and is used to prioritize and guide the development of the product.

    A Sprint backlog, on the other hand, is a list of items specifically for an upcoming sprint, which is an iteration of work in Scrum. The Sprint backlog is created by the development team and is used to plan and guide the work that will be done during the sprint. The items in the Sprint backlog are typically taken from the product backlog and are prioritized based on their importance and readiness.

    For more on building effective product backlogs, visit Deliver on Your Digital Product Vision

    A backlog stores and organizes requirements at various stages

    Your backlog must give you a holistic understanding of demand for change in the product.

    A well-formed backlog can be thought of as a DEEP backlog

    Detailed appropriately: Requirements are broken down and refined as necessary

    Emergent: The backlog grows and evolves over time as requirements are added and removed.

    Estimated: The effort to deliver a requirement is estimated at each tier.

    Prioritized: A requirement's value and priority are determined at each tier.

    This is an image of an inverted funnel, with the top being labeled: Ideas; The middle being labeled: Qualified; and the bottom being labeled: Ready.

    Adapted from Essential Scrum

    Ensure requests and requirements are ready for development

    Clearly define what it means for a requirement, change, or maintenance request to be ready for development.

    This will help ensure the value and scope of each functionality and change are clear and well understood by both developers and stakeholders before the start of the sprint. The definition of ready should be two-fold: ready for the backlog, and ready for coding.

    1. Create a checklist that indicates when a requirement or request is ready for the development backlog. Consider the following questions:
      1. Is the requirement or request in the correct format?
      2. Does the desired functionality or change have significant business value?
      3. Can the requirement or request be reasonably completed within defined release timelines under the current context?
      4. Does the development team agree with the budget and points estimates?
      5. Is there an understanding of what the requirement or request means from the stakeholder or user perspective?
    2. Create a checklist that indicates when a requirement or request is ready for development. Consider the following questions:
      1. Have the requirements and requests been prioritized in the backlog?
      2. Has the team sufficiently collaborated on how the desired functionality or change can be completed?
      3. Do the tasks in each requirement or request contain sufficient detail and direction to begin development?
      4. Can the requirement or request be broken down into smaller pieces?

    Converting solution requirements into user stories

    Define the user

    Who will be interacting with the product or feature being developed? This will help to focus the user story on the user's needs and goals.

    Create the story

    Create the user story using the following template: "As a [user], I want [feature] so that [benefit]."
    This helps articulate the user's need and the value that the requirement will provide.

    Decompose

    User stories are typically too large to be implemented in a single sprint, so they should be broken down into smaller, more manageable tasks.

    Prioritize

    User stories are typically too large to be implemented in a single sprint, so they should be broken down into smaller, more manageable tasks.

    2.2.1 Create your user stories

    Estimated time: 60 Minutes

    1. Gather the project team and relevant stakeholders. Have access to your current list of solution requirements.
    2. Leverage the approach on previous slide "Converting Solution Requirements into User Stories" to generate a collection of user stories.

    NOTE: There is not a 1:1 relationship between requirements and user stories.
    It is possible that a single requirement will have multiple user stories, and similarly, that a single user story will apply to multiple solution requirements.

    Input

    • Requirements
    • Use Case Template

    Output

    • A collection of user stories

    Materials

    • Current Requirements

    Participants

    • Business Analyst(s)
    • Project Team
    • Relevant Stakeholders

    Use the INVEST model to create good user stories

    At this point your requirements should be high-level stories. The goal is to refine your backlog items, so they are . . .

    A vertical image of the Acronym: INVEST, taken from the first letter of each bolded word in the column to the right of the image.

    Independent: Ideally your user stories can be built in any order (i.e. independent from each other). This allows you to prioritize based on value and not get caught up in sequencing and prerequisites.
    Negotiable: As per the Agile principle, collaboration over contracts. Your user stories are meant to facilitate collaboration between the developer and the business. Therefore, they should be built to allow negotiation between all parties.
    Valuable: A user story needs to state the value so it can be effectively prioritized, but also so developers know what they are building.
    Estimable: As opposed to higher-level approximation given to epics, user stories need more accuracy in their estimates in order to, again, be effectively prioritized, but also so teams can know what can fit into a sprint or release plans.
    Small: User stories should be small enough for a number of them to fit into a sprint. However, team size and velocity will impact how many can be completed. A general guideline is that your teams should be able to deliver multiple stories in a sprint.
    Testable: Your stories need to be testable, which means they must have defined acceptance criteria and any related test cases as defined in your product quality standards.
    Source: Agile For All

    Defining Your Requirements Thresholds

    Phase 3

    Defining Your Requirements Thresholds

    Phase 1Phase 2Phase 3Phase 4

    1.1 Understand the benefits and limitations of Agile and business analysis

    1.2 Align Agile and business analysis within your organization

    2.1 Confirm the best-fit approach for delivery

    2.2 manage your requirements backlog

    3.1 Define project roles and responsibilities

    3.2 define your level of acceptable documentation

    3.3 Manage requirements as an asset

    3.4 Define your requirements change management plan

    4.1 Preparing new ways of working

    4.2 Develop a roadmap for next steps

    This phase will walk you through the following activities:

    • Assigning roles and responsibilities optional (Tool: RACI)
    • Define your Agile requirements process
    • Calculate the cost of your documentation (Tool: Documentation Calculator)
    • Define your backlog refinement plan

    This phase involves the following participants:

    • Business Analyst(s)
    • Project Team
    • Sponsor/Executive
    • Relevant Stakeholders

    Managing Requirements in an Agile Environment

    Step 3.1

    Define Project Roles and Responsibilities

    Activities

    3.1.1 Define your Agile requirements RACI (optional)

    3.1.2 Define your Agile requirements process

    Defining Your Requirements Thresholds

    This step involves the following participants:

    • Business Analyst(s)
    • Project Team
    • Sponsor/Executive
    • Relevant Stakeholders

    Outcomes of this step

    • A defined register of roles and responsibilities, along with a defined process for how Agile requirements work is to be done.

    Defining Your Requirements Thresholds

    Where does the BA function fit on an Agile team?

    Team formation is key, as Agile is a team sport

    A business analyst in an Agile team typically interacts with several different roles, including the product owner, development team, and many other stakeholders throughout the organization.

    This is an image the roles who typically interact with a Business Analyst.

    • The product owner, to set the priorities and direction of the project, and to gather requirements and ensure they are being met. Often, but not always, the BA and product owner are the same individual.
    • The development team, to provide clear and concise requirements that they can use to build and test the product.
    • Other stakeholders, such as customers, end-users, and subject matter experts to gather their requirements, feedback and validate the solution.
      • Design, to ensure that the product meets user needs. They may provide feedback and ensure that the design is aligned with requirements.
      • Security, to ensure that the solution meets all necessary security requirements and to identify potential risks and appropriate use of controls.
      • Testing, to ensure that the solution is thoroughly tested before it is deployed. They may create test cases or user scenarios that validate that everything is working as intended.
      • Deployment, to ensure that the necessary preparations have been made, including testing, security, and user acceptance.

    Additionally, during the sprint retrospectives, the team will review their performance and find ways to improve for the next sprint. As a team member, the business analyst helps to identify areas where the team could improve how they are working with requirements and understand how the team can improve communication with stakeholders.

    3.1.1 (Optional) Define Your Agile Requirements RACI

    Estimated Time: 60 Minutes

    1. Identify the project deliverables: The first step is to understand the project deliverables and the tasks that are required to complete them. This will help you to identify the different roles and responsibilities that need to be assigned.
    2. Define the roles and responsibilities: Identify the different roles that will be involved in the project and their associated responsibilities. These roles may include project manager, product owner, development team, stakeholders, and any other relevant parties.
    3. Assign RACI roles: Assign a RACI role to each of the identified tasks. The RACI roles are:
      1. Responsible: the person or team who is responsible for completing the task
      2. Accountable: the person who is accountable for the task being completed on time and to the required standard
      3. Consulted: the people or teams who need to be consulted to ensure the task is completed successfully
      4. Informed: the people or teams who need to be informed of the task's progress and outcome
    4. Create the RACI chart: Use the information gathered in the previous steps to create a matrix or chart that shows the tasks, the roles, and the RACI roles assigned to each task.
    5. Review and refine: Review the RACI chart with the project team and stakeholders to ensure that it accurately reflects the roles and responsibilities of everyone involved. Make any necessary revisions and ensure that all parties understand their roles and responsibilities.
    6. Communicate and implement: Communicate the RACI chart to all relevant parties and ensure that it is used as a reference throughout the project. This will help to ensure that everyone understands their role and that tasks are completed on time and to the required standard.

    Input

    • A list of required tasks and activities
    • A list of stakeholders

    Output

    • A list of defined roles and responsibilities for your project

    Materials

    • Agile Requirements Workbook

    Participants

    • Business Analyst(s)
    • Project Team
    • Sponsor/Executive
    • Relevant Stakeholders

    A Case Study in Team Formation

    Industry: Anonymous Organization in the Energy sector
    Source: Interview

    Challenge

    Agile teams were struggling to deliver within a defined sprint, as there were consistent delays in requirements meeting the definition of ready for development. As such, sprints were often delayed, or key requirements were descoped and deferred to a future sprint.

    During a given two-week sprint cycle, the business analyst assigned to the team would be working along multiple horizons, completing elicitation, analysis, and validation, while concurrently supporting the sprint and dealing with stakeholder changes.

    Solution

    As a part of addressing this ongoing pain, a pilot program was run to add a second business analyst to the team.

    The intent was, as one is engaged preparing requirements through elicitation, analysis, and validation for a future sprint, the second is supporting the current sprint cycle, and gaining insights from stakeholders to refine the requirements backlog.

    Essentially, these two were leap-frogging each other in time. At all times, one BA was focused on the present, and one on the future.

    Result

    A happier team, more satisfied stakeholders, and consistent delivery of features and functions by the Agile teams. The pilot team outperformed all other Agile teams in the organization, and the "2 BA" approach was made the new standard.

    Understanding the Agile requirements process

    Shorter cycles make effective requirements management more necessary, not less

    Short development cycles can make requirements management more difficult because they often result in a higher rate of change to the requirements. In a shorter timeframe, there is less time to gather and verify requirements, leading to a higher likelihood of poor or incomplete requirements. Additionally, there may be more pressure to make decisions quickly, which can lead to less thorough analysis and validation of requirements. This can make it more challenging to ensure that the final solution meets the needs of the stakeholders.
    When planning your requirements cycles, it's important to consider;

    • Your sprint logistics (how long?)
    • Your release plan (at the end of every sprint, monthly, quarterly?)
    • How the backlog will be managed (as tickets, on a visual medium, such as a Kanban board?)
    • How will you manage communication?
    • How will you monitor progress?
    • How will future sprint planning happen?

    Info-Tech's Agile requirements framework

    Sprint N(-1)

    Sprint N

    Sprint N(+1)

    An image of Sprint N(-1) An image of Sprint N An image of Sprint N(+1)

    Changes from waterfall to Agile

    Gathering and documenting requirements: Requirements are discovered and refined throughout the project, rather than being gathered and documented up front. This can be difficult for business analysts who are used to working in a waterfall environment where all requirements are gathered and documented before development begins.
    Prioritization of requirements: Requirements are prioritized based on their value to the customer and the team's ability to deliver them. This can be difficult for business analysts who are used to prioritizing requirements based on the client's needs or their own understanding of what is important.

    Defining acceptance criteria: Acceptance criteria are defined for each user story to ensure that the team understands what needs to be delivered. Business analysts need to understand how to write effective acceptance criteria and how to use them to ensure that the team delivers what the customer needs.
    Supporting Testing and QA: The business analyst plays a role in ensuring that testing (and test cases) are completed and of proper quality, as defined in the requirements.

    Managing changing requirements: It is expected that requirements will change throughout the project. Business analysts need to be able to adapt quickly to changing requirements and ensure that the team is aware of the changes and how they will impact the project.
    Collaboration with stakeholders: Requirements are gathered from a variety of stakeholders, including customers, users, and team members. Business analysts need to be able to work effectively with all stakeholders to gather and refine requirements and ensure that the team is building the right product.

    3.1.2 Define your Agile requirements process

    Estimated time: 60 Minutes

    1. Gather all relevant stakeholders to discuss and define your process for requirements management.
    2. Have a team member facilitate the session to define the process. The sample in the Agile Requirements Workbook can be used optionally as a starting point. You can also use any existing processes and procedures as a baseline.
    3. Gain agreement on the process from all involved stakeholders.
    4. Revisit the process periodically to review its performance and make adjustments as needed.

    NOTE: The process is intended to be at a high enough level to leave space and flexibility for team members to adapt and adjust, but at a sufficient depth that everyone understands the process and workflows. In other words, the process will be both flexible and rigid, and the two are not mutually exclusive.

    Input

    • Project team and RACI
    • Existing Process (if available)

    Output

    • A process for Agile requirements that is flexible yet rigid

    Materials

    • Agile Requirements Workbook

    Participants

    • Business Analyst(s)
    • Project Team
    • Sponsor/Executive
    • Relevant Stakeholders

    Establish the right level of governance and decision-making

    Establishing the right level of governance and decision making is important in Agile requirements because there is a cost to decision making, as time plays an important factor. Even the failure to decide can have significant impacts.

    Good governance and decision-making practices can help to minimize risks, ensure that requirements are well understood and managed, and that project progress is tracked and reported effectively.

    In Agile environments, this often involves establishing clear roles and responsibilities, implementing effective communication and collaboration practices, and ensuring that decision-making processes are efficient and effective.

    Good requirements management practices can help to ensure that projects are aligned with organizational goals and strategy, that stakeholders' needs are understood and addressed, and that deliverables are of high quality and meet the needs of the business.

    By ensuring that governance and decision-making is effective, organizations can improve the chances of project success, and deliver value to the business. Risks and costs can be mitigated by staying small and nimble.

    Check out Make Your IT Governance Adaptable

    Develop an adaptive governance process

    A pyramid, with the number 4 at the apex, and the number 1 at the base.  In order from base-apex, the following titles are found to the right of the pyramid: Ad-Hoc governance; Controlled Governance; Agile Governance; Embedded/Automated governance.

    Maturing governance is a journey

    Organizations should look to progress in their governance stages. Ad-hoc and controlled governance tends to be slow, expensive, and a poor fit for modern practices.

    The goal as you progress through your stages is to delegate governance and empower teams to make optimal decisions in real-time, knowing that they are aligned with the understood best interests of the organization.

    Automate governance for optimal velocity, while mitigating risks and driving value.

    This puts your organization in the best position to be adaptive and able to react effectively to volatility and uncertainty.

    A graph charting Trust and empowerment on the x-axis, and Progress Integration on the Y axis.

    Five key principles for building an adaptive governance framework

    Delegate and empower

    Decision making must be delegated down within the organization, and all resources must be empowered and supported to make effective decisions.

    Define outcomes

    Outcomes and goals must be clearly articulated and understood across the organization to ensure decisions are in line and stay within reasonable boundaries.

    Make risk- informed decisions

    Integrated risk information must be available with sufficient data to support decision making and design approaches at all levels of the organization.

    Embed / automate

    Governance standards and activities need to be embedded in processes and practices. Optimal governance reduces its manual footprint while remaining viable. This also allows for more dynamic adaptation.

    Establish standards and behavior

    Standards and policies need to be defined as the foundation for embedding governance practices organizationally. These guardrails will create boundaries to reinforce delegated decision making.

    Sufficient decision-making power should be given to your Agile teams

    Push the decision-making process down to your pilot teams.

    • Bring your business stakeholders and subject matter experts together to identify the potential high-level risks.
    • Bring your business stakeholders and subject matter experts together to identify the potential high-level risks.
    • Discuss with the business the level of risk they are willing to accept.
    • Define the level of authority project teams have in making critical decisions.

    "Push the decision making down as far as possible, down to the point where sprint teams completely coordinate all the integration, development, and design. What I push up the management chain is risk taking. [Management] decides what level of risk they are willing to take and [they] demonstrate that by the amount of decision making you push down."
    – Senior Manager, Canadian P&C Insurance Company, Info-Tech Interview

    Step 3.2

    Define Your Level of Acceptable Documentation

    Activities

    3.2.1 Calculate the cost of documentation

    This step involves the following participants:

    • Business Analyst(s)
    • Project Team
    • Relevant Stakeholders

    Outcomes of this step

    • Quantified cost of documentation produced for your Agile project.

    Defining Your Requirements Thresholds

    Right-size Your Documentation

    Why do we need it, and what purpose does it serve?

    Before creating any documentation, consider why; why are you creating documentation, and what purpose is it expected to serve?
    Is it:

    • … to gain approval?
    • … to facilitate decision-making?
    • .. to allow the team to think through a challenge or compare solution options?

    Next, consider what level of documentation would be acceptable and 'enough' for your stakeholders. Recognize that 'enough' will depend on your stakeholder's personal definition and perspective.
    There may also be considerations for maintaining documentation for the purposes of compliance, and auditability in some contexts and industries.
    The point is not to eliminate all documentation, but rather, to question why we're producing it, so that we can create just enough to deliver value.

    "What does the next person need to do their work well, to gain or create a shared understanding?"
    - Filip Hendrickx, Innovating BA and Founder, altershape

    Documentation comes at a cost

    We need to quantify the cost of documentation, against the expected benefit

    All things take time, and that would imply that all things have an inherent cost. We often don't think in these terms, as it's just the work we do, and costs are only associated with activities requiring additional capital expenditure. Documentation of requirements can come at a cost in terms of time and resources. Creating and maintaining detailed documentation requires effort from project team members, which could be spent on other aspects of the project such as development or testing. Additionally, there may be costs associated with storing and distributing the documentation.

    When creating documentation, we are making a decision. There is an opportunity cost of investing time to create, and concurrently, not working on other activities. Documentation of requirements can come at a cost in terms of time and resources. Creating and maintaining detailed documentation requires effort from project team members, which could be spent on other aspects of the project such as development or testing. Additionally, there may be costs associated with storing and distributing the documentation.

    In order to make better informed decisions about the types, quantity and even quality of the documentation we are producing, we need to capture that data. To ensure we are receiving good value for our documentation, we should compare the expected costs to the expected benefits of a sprint or project.

    3.2.1 Calculate the cost of documentation

    Estimated time: as needed

    1. Use this tool to quantify the cost of creating and maintaining current state documentation for your Agile requirements team. It provides an indication, via the Documentation Cost Index, of when your project is documenting excessively, relative to the expected benefits of the sprint or project.
    2. In Step 1, enter the hourly rate for the person (or persons) completing the business analysis function for your Agile team. NB: This does not have to be a person with the title of business analyst. If there are multiple people fulfilling this role, enter the average rate (if their rates are same or similar) or a weighted average (if there is a significant range in the hourly rate)
    3. In Step 2, enter the expected benefit (in $) for the sprint or project.
    4. In Step 3, enter the total number of hours spent on each task/activity during the sprint or project. Use blank spaces as needed to add tasks and activities not listed.
    5. In Step 4, you'll find the Documentation Cost Index, which compares your total documentation cost to the expected benefits. The cell will show green when the value is < 0.8, yellow between 0.8 and 1, and red when >1.
    6. Use the information to plan future sprints and documentation needs, identify opportunities for improvement in your requirements practice, and find balance in "just enough" documentation.

    Input

    • Project team and RACI
    • Existing Process (if available)

    Output

    • A process for Agile requirements that is flexible yet rigid

    Materials

    • Agile Requirements Workbook

    Participants

    • Business Analyst(s)
    • Project Team
    • Sponsor/Executive
    • Relevant Stakeholders

    Lack of documentation also comes at a cost

    Lack of documentation can bring costs to Agile projects in a few different ways.

    • Onboarding new team members
    • Improving efficiency
    • Knowledge management
    • Auditing and compliance
    • Project visibility
    • Maintaining code

    Info-Tech Insight

    Re-using deliverables (documentation, process, product, etc.) is important in maintaining the velocity of work. If you find yourself constantly recreating your current state documentation at the start of a project, it's hard to deliver with agility.

    Step 3.3

    Manage Requirements as an Asset

    Activities

    3.3.1 Discuss your current perspectives on requirements as assets

    This step involves the following participants:

    • Business Analyst(s)
    • Project Team
    • Relevant Stakeholders

    Outcomes of this step

    • Awareness of the value in, and tactics for enabling effective management of requirements as assets

    Defining Your Requirements Thresholds

    What do we mean by "assets"?

    And when do requirements become assets?

    In order to delivery with agility, you need to maximize the re-usability of artifacts. These artifacts could take the form of current state documentation, user stories, test cases, and yes, even requirements for re-use.
    Think of it like a library for understanding where your organization is today. Understanding the people, processes, and technology, in one convenient location. These artifacts become assets when we choose to retain them, rather than discard them at the end of a project, when we think they'll no longer be needed.
    And just like finding a single book in a vast library, we need to ensure our assets can be found when we need them. And this means making them searchable.
    We can do this by establishing criteria for requirements and artifact reuse;

    • What business need and benefit is it aligned to?
    • What metadata needs to be attached, related to source, status, subject, author, permissions, type, etc.?
    • Where will it be stored for ease of retrieval?

    Info-Tech Insight

    When writing requirements for products or services, write them for the need first, and not simply for what is changing.

    The benefits of managing requirements as assets

    Retention of knowledge in a knowledge base that allows the team to retain current business requirements, process documentation, business rules, and any other relevant information.
    A clearly defined scope to reduce stakeholder, business, and compliance conflicts.
    Impact analysis of changes to the current organizational assets.

    Source: Requirement Engineering Magazine, 2017.

    A case study in creating an asset repository

    Industry: Anonymous Organization in the Government sector
    Source: Interview

    Challenge

    A large government organization faced a challenge with managing requirements, processes, and project artifacts with any consistency.

    Historically, their documentation was lacking, with multiple versions existing in email sent folders and manila folders no one could find. Confirming the current state at any given time meant the heavy lift of re-documenting and validating, so that effort was avoided for an excessive period.

    Then there was a request for audit and compliance, to review their existing documentation practices. With nothing concrete to show, drastic recommendations were made to ensure this practice would end.

    Solution

    A small but effective team was created to compile and (if not available) document all existing project and product documentation, including processes, requirements, artifacts, business cases, etc.

    A single repository was built and demonstrated to key stakeholders to ensure it would satisfy the needs of the audit and compliance group.

    Result

    A single source of truth for the organization, which was;

    • Accessible (view access to the entire organization).
    • Transparent (anyone could see and understand the process and requirements as intended).
    • A baseline for continuous improvement, as it was clear what the one defined "best way" was.
    • Current, where no one retained current documentation outside of this library.

    3.3.1 Discuss your current perspectives on requirements as assets

    Estimated time: 30 Minutes

    1. Gather all relevant stakeholder to share perspectives on the use of requirements as assets, historically in the organization.
    2. Have a team member facilitate the session. It is optional to document the findings.
    3. After looking at the historical use of requirements as assets, discuss the potential uses, benefits, and drawbacks of managing as assets in the target state.

    Input

    • Participant knowledge and experience

    Output

    • A shared perspective and history on requirements as assets

    Materials

    • A method for data capture (optional)

    Participants

    • Business Analyst(s)
    • Project Team
    • Sponsor/Executive
    • Relevant Stakeholders

    Apply changes to baseline documentation

    Baseline + Release Changes = New Baseline

    • Start from baseline documentation dramatically to reduce cost and risk
    • Treat all scope as changes to baseline requirements
    • Sum of changes in the release scope
    • Sum of changes and original baseline becomes the new baseline
    • May take additional time and effort to maintain accurate baseline

    What is the right tool?

    While an Excel spreadsheet is great to start off, its limitations will become apparent as your product delivery process becomes more complex. Look at these solutions to continue your journey in managing your Agile requirements:

    Step 3.4

    Define Your Requirements Change Management Plan

    Activities

    3.4.1 Triage your requirements

    This step involves the following participants:

    • Business Analyst(s)
    • Project Team
    • Relevant Stakeholders

    Outcomes of this step

    • An approach for determining the appropriate level of governance over changes to requirements.

    Expect and embrace change

    In Agile development, change is expected and embraced. Instead of trying to rigidly follow a plan that may become outdated, Agile teams focus on regularly reassessing their priorities and adapting their plans accordingly. This means that the requirements can change often, and it's important for the team to have a process in place for managing these changes.

    A common approach to managing change in Agile is to use a technique called "backlog refinement." Where previously we populated our backlog with requirements to get them ready for development and deployment, this involves regularly reviewing and updating the list of work to be done. The team will prioritize the items on the evolving backlog, and the prioritized items will be worked on during the next sprint. This allows the team to quickly respond to changes in requirements and stay focused on the most important work.

    Another key aspect of managing change in Agile is effective communication. The team should have regular meetings, such as daily stand-up meetings or weekly sprint planning meetings, to discuss any changes in requirements and ensure that everyone is on the same page.

    Best practices in change and backlog refinement

    Communicate

    Clearly communicate your change process, criteria, and any techniques, tools, and templates that are part of your approach.

    Understand impacts/risks

    Maintain consistent control and communication and ensure that an impact assessment is completed. This is key to managing risks.

    Leverage tools

    Leverage tools when you have them available. This could be a Requirements Management system, a defect/change log, or even by turning on "track changes" in your documents.

    Cross-reference

    For every change, define the source of the change, the reason for the change, key dates for decisions, and any supporting documentation.

    Communicate the reason, and stay on message throughout the change

    Leaders of successful change spend considerable time developing a powerful change message: a compelling narrative that articulates the desired end state and makes the change concrete and meaningful to staff. They create the change vision with staff to build ownership and commitment.

    • The change message should:
    • Explain why the change is needed.
    • Summarize the things that will stay the same.
    • Highlight the things that will be left behind.
    • Emphasize the things that are being changed.
    • Explain how the change will be implemented.
    • Address how the change will affect the various roles in the organization.
    • Discuss staff's role in making the change successful.

    The five elements of communicating the reason for the change:

    An image of a cycle, including the five elements for communicating the reason for change.  these include: What will the role be for each department and individual?; What is the change?; Why are we doing it?; How are we going to go about it?; How long will it take us?

    How to make the management of changes more effective

    Key decisions and considerations

    How will changes to requirements be codified?
    How will intake happen?

    • What is the submission process?
    • Who has approval to submit?
    • What information is needed to submit a request?

    How will potential changes be triaged and evaluated?

    • What criteria will be used to assess the impact and urgency of the potential change?
    • How will you treat material and non-material changes?

    What is the review and approval process?

    • How will acceptance or rejection status be communicated to the submitter?

    3.4.1 Triage Your requirements

    An image of an inverted triangle, with the top being labeled: No Material Impact, the middle being labeled: Material impact; and the bottom being labeled: Governance Impact.  To the right of the image, are text boxes elaborating on each heading.

    If there's no material impact, update and move on

    An image of an inverted triangle, with the top being labeled: No Material Impact, the middle being labeled: Material impact; and the bottom being labeled: Governance Impact. To the right of the image, is a cycle including the following terms: Validate change; Update requirements; Track change (log); Package and communicate

    Material changes require oversight and approval

    An image of an inverted triangle, with the top being labeled: No Material Impact, the middle being labeled: Material impact; and the bottom being labeled: Governance Impact. To the right of the image, is a cycle including the following terms: Define impact; Revise; Change control needed?; Implement change.

    Planning Your Next Steps

    Phase 4

    Planning Your Next Steps

    Phase 1Phase 2Phase 3Phase 4

    1.1 Understand the benefits and limitations of Agile and business analysis

    1.2 Align Agile and business analysis within your organization

    2.1 Confirm the best-fit approach for delivery

    2.2 manage your requirements backlog

    3.1 Define project roles and responsibilities

    3.2 define your level of acceptable documentation

    3.3 Manage requirements as an asset

    3.4 Define your requirements change management plan

    4.1 Preparing new ways of working

    4.2 Develop a roadmap for next steps

    This phase will walk you through the following activities:

    • Completing Your Agile Requirements Playbook
    • EXERCISE: Capability Gap List

    This phase involves the following participants:

    • Business Analyst(s)
    • Project Team
    • Sponsor/Executive
    • Relevant Stakeholders

    Managing Requirements in an Agile Environment

    Step 4.1

    Preparing New Ways of Working

    Activities

    4.1.1 Define your communication plan

    Planning Your Next Steps

    This step involves the following participants:

    • Business Analyst(s)
    • Project Team
    • Sponsor/Executive
    • Relevant Stakeholders

    Outcomes of this step

    • Recognize the changes required on the team and within the broader organization, to bring stakeholders on board.

    How we do requirements work will change

    • Team formation and interaction
    • Stakeholder engagement and communication
    • The timing and sequencing of their work
    • Decision-making
    • Documentation
    • Dealing with change

    As a result, you'll need to focus on;

    Emphasizing flexibility: In Agile organizations, there is a greater emphasis on flexibility and the ability to adapt to change. This means that requirements may evolve over time and may not be fully defined at the beginning of the project.
    Enabling continuous delivery: Agile organizations often use continuous delivery methods, which means that new features and functionality are delivered to users on a regular basis. This requires a more iterative approach to requirements management, as new requirements may be identified and prioritized during the delivery process.
    Enhancing collaboration and communication: Agile organizations place a greater emphasis on collaboration and communication between team members, stakeholders, and customers.
    Developing a user-centered approach: Agile organizations often take a user-centered approach to requirements gathering, which means that the needs and goals of the end-user are prioritized.

    Change within the team, and in the broader organization

    How to build an effective blend Agile and requirements management

    Within the team

    • Meetings should happen as needed
    • Handoffs should be clear and concise
    • Interactions should add value
    • Stand-ups should similarly add value, and shouldn't be for status updates

    Within the organization

    • PMO inclusion, to ensure alignment across the organization
    • Business/Operating areas, to recognize what they are committing to for time, resources, etc.
    • Finance, for how your project or product is funded
    • Governance and oversight, to ensure velocity is maintained

    "Whether in an Agile environment or not, collaboration and relationships are still required and important…how you collaborate, communicate, and how you build relationships are key."
    - Paula Bell, CEO, Paula A. Bell Consulting

    Get stakeholders on board with Agile requirements

    1. Stakeholder feedback and management support are key components of successful Agile requirements.
    2. Stakeholders can see a project's progression and provide critical feedback about its success at critical milestones.
    3. Management helps teams succeed by trusting them to complete projects with business value at top of mind and by removing impediments that are inhibiting their productivity.
    4. Agile will bring a new mindset and significant amounts of people, process, and technology changes that stakeholders and management may not be accustomed to. Working through these issues in requirements management enables a smoother rollout.
    5. Management will play a key role in ensuring long-term Agile requirements success and ultimately rolling it out to the rest of the organization.
    6. The value of leadership involvement has not changed even though responsibilities will. The day-to-day involvement in projects will change but continual feedback will ultimately dictate the success or failure of a project.

    4.1.1 Define your communication plan

    Estimated time: 60 Minutes

      1. Gather all relevant stakeholder to create a communication plan for project or product stakeholders.
      2. Have a team member facilitate the session.
      3. Identify
      4. ;
        1. Each stakeholder
        2. The nature of information they are interested in
        3. The channel or medium best to communicate with them
        4. The frequency of communication
      5. (Optional) Consider validating the results with the stakeholders, if not present.
      6. Document the results in the Agile Requirements Workbook and include in Agile Requirements Playbook.
      7. Revisit as needed, whether at the beginning of a new initiative, or over time, to ensure the content is still valid.

    Input

    • Participant knowledge and experience

    Output

    • A plan for communicating with stakeholders

    Materials

    • Agile Requirements Workbook

    Participants

    • Business Analyst(s)
    • Project Team

    Step 4.2

    Develop a Roadmap for Next Steps

    Activities

    4.2.1 Develop your Agile requirements action plan

    4.2.2 Prioritize with now, next, later

    This step involves the following participants:

    • Business Analyst(s)
    • Project Team
    • Sponsor/Executive
    • Relevant Stakeholders

    Outcomes of this step

    • A comprehensive and prioritized list of opportunities and improvements to be made to mature the Agile requirements practice.

    Planning Your Next Steps

    Identify opportunities to improve and close gaps

    Maturing at multiple levels

    With a mindset of continuous improvement, there is always some way we can get better.

    As you mature your Agile requirements practice, recognize that those gaps for improvement can come from multiple levels, from the organizational down to the individual.

    Each level will bring challenges and opportunities.

    The organization

    • Organizational culture
    • Organizational behavior
    • Political will
    • Unsupportive stakeholders

    The team

    • Current ways of working
    • Team standards, norms and values

    The individual

    • Practitioner skills
    • Practitioner experience
    • Level of training received

    Make sure your organization is ready to transition to Agile requirements management

    A cycle is depicted, with the following Terms: Learning; Automation; Integrated teams; Metrics and governance; Culture.

    Learning:

    Agile is a radical change in how people work
    and think. Structured, facilitated learning is required throughout the transformation to
    help leaders and practitioners go from

    doing Agile to being Agile.

    Automation:

    While Agile is tool-agnostic at its roots, Agile work management tools and DevOps inspired SDLC tools that have become a key part of Agile practices.

    Integrated Teams:


    While temporary project teams can get some benefits from Agile, standing, self-organizing teams that cross business, delivery, and operations are essential to gain the full benefits of Agile.

    Metrics and Governance:

    Successful Agile implementations
    require the disciplined use

    of delivery and operations
    metrics that support governance focused on developing better teams.

    Culture:

    Agile teams believe that value is best created by standing, self-organizing cross-functional teams who deliver sustainably in frequent,
    short increments supported by leaders
    who coach them through challenges.

    Info-Tech Insight

    Agile gaps may only have a short-term, perceived benefit. For example, coding without a team mindset can allow for maximum speed to market for a seasoned developer. Post-deployment maintenance initiatives, however, often lock the single developer as no one else understands the rationale for the decisions that were made.

    4.2.1 Develop your Agile requirements action plan

    Estimated time: 60 Minutes

    1. Gather all relevant stakeholder to create a road map and action plan for requirements management.
    2. Have a team member facilitate the session using the results of the Agile Requirements Maturity Assessment.
    3. Identify gaps from current to future state and brainstorm possible actions that can be taken to address those gaps. Resist the urge to analyze or discuss the feasibility of each idea at this stage. The intent is idea generation.
    4. When the group has exhausted all ideas, the facilitator should group like ideas together, with support from participants. Discuss any ideas that are unclear or ambiguous.
    5. Document the results in the Agile Requirements Workbook.

    Note: the feasibility and timing of the ideas will happen in the following "Now, Next, Later" exercise.

    Prioritize your roadmap

    Taking steps to mature your Agile requirements practice.

    An image of the Now; Next; Later technique.

    The "Now, Next, Later" technique is a method for prioritizing and planning improvements or tasks. This involves breaking down a list of tasks or improvements into three categories:

    • "Now" tasks are those that must be completed immediately. These tasks are usually urgent or critical, and they must be completed to keep the project or organization running smoothly.
    • "Next" tasks are those that should be completed soon. These tasks are not as critical as "now" tasks, but they are still important and should be tackled relatively soon.
    • "Later" tasks are those that can be completed later. These tasks are less critical and can be deferred without causing major problems.

    By using this technique, you can prioritize and plan the most important tasks first, while also allowing for flexibility and the ability to adjust plans as necessary.
    This process also helps you get a clear picture on what needs to be done first and what can be done later. This way you can work on the most important things first, and keep track of what you need to do next, for keeping the development/improvement process smooth and efficient.

    Monitor your progress

    Monitoring progress is important in achieving your target state. Be deliberate with your actions, to continue to mature your Agile requirements practice.

    As you navigate toward your target state, continue to monitor your progress, your successes, and your challenges. As your Agile requirements practice matures, you should see improvements in the stated metrics below.

    Establish a cadence to review these metrics, as well as how you are progressing on your roadmap, against the plan.

    This is not about adding work, but rather, about ensuring you're heading in the right direction; finding the balance in your Agile requirements practice.

    Metric
    Team satisfaction (%) Expect team satisfaction to increase as a result of clearer role delineation and value contribution.
    Stakeholder satisfaction (%) Expect stakeholder satisfaction to similarly increase, as requirements quality increases, bringing increased value.
    Requirements rework Measures the quality of requirements from your Agile projects. Expect that the requirements rework will decrease, in terms of volume/frequency.
    Cost of documentation Quantifies the cost of documentation, including elicitation, analysis, validation, presentation, and management.
    Time to delivery Balancing metric. We don't want improvements in other at the expense of time to delivery.

    Appendix

    Research Contributors and Experts

    This is a picture of Emal Bariali

    Emal Bariali
    Business Architect & Business Analyst
    Bariali Consulting

    Emal Bariali is a Senior Business Analyst and Business Architect with 17 years of experience, executing nearly 20 projects. He has experience in both waterfall and Agile methodologies and has delivered solutions in a variety of forms, including custom builds and turnkey projects. He holds a Master's degree in Information Systems from the University of Toronto, a Bachelor's degree in Information Technology from York University, and a post-diploma in Software & Database Development from Seneca College.

    This is a picture of Paula Bell

    Paula Bell
    Paula A. Bell Consulting, LLC

    Paula Bell is the CEO of Paula A Bell Consulting, LLC. She is a Business Analyst, Leadership and Career Development coach, consultant, speaker, and author with 21+ years of experience in corporate America in project roles including business analyst, requirements manager, business initiatives manager, business process quality manager, technical writer, project manager, developer, test lead, and implementation lead. Paula has experience in a variety of industries including media, courts, manufacturing, and financial. Paula has led multiple highly-visible multi-million-dollar technology and business projects to create solutions to transform businesses as either a consultant, senior business analyst, or manager.

    Currently she is Director of Operations for Bridging the Gap, where she oversees the entire operation and their main flagship certification program.

    This is a picture of Ryan Folster

    Ryan Folster
    Consulting Services Manager, Business Analysis
    Dimension Data

    Ryan Folster is a Business Analyst Lead and Product Professional from Johannesburg, South Africa. His strong focus on innovation and his involvement in the business analysis community have seen Ryan develop professionally from a small company, serving a small number of users, to large multi-national organizations. Having merged into business analysis through the business domain, Ryan has developed a firm grounding and provides context to the methodologies applied to clients and projects he is working on. Ryan has gained exposure to the Human Resources, Asset Management, and Financial Services sectors, working on projects that span from Enterprise Line of Business Software to BI and Compliance.

    Ryan is also heavily involved in the local chapter of IIBA®; having previously served as the chapter president, he currently serves as a non-executive board member. Ryan is passionate about the role a Business Analyst plays within an organization and is a firm believer that the role will develop further in the future and become a crucial aspect of any successful business.

    This is a picture of Filip Hendrickx

    Filip Hendrickx
    Innovating BA, Visiting Professor @ VUB
    altershape

    Filip loves bridging business analysis and innovation and mixes both in his work as speaker, trainer, coach, and consultant.

    As co-founder of the BA & Beyond Conference and IIBA Brussels Chapter president, Filip helps support the BA profession and grow the BA community in and around Belgium. For these activities, Filip received the 2022 IIBA® EMEA Region Volunteer of the Year Award.

    Together with Ian Richards, Filip is the author ofBrainy Glue, a business novel on business analysis, innovation and change. Filip is also co-author of the BCS book Digital Product Management and Cycles, a book, method and toolkit enabling faster innovation.

    This is a picture of Fabricio Laguna

    Fabricio Laguna
    Professional Speaker, Consultant, and Trainer
    TheBrazilianBA.com

    Fabrício Laguna, aka The Brazilian BA, is the main reference on business analysis in Brazil. Author and producer of videos, articles, classes, lectures, and playful content, he can explain complex things in a simple and easy-to-understand way. IIBA Brazil Chapter president between 2012-2022. CBAP, AAC, CPOA, PMP, MBA. Consultant and instructor for more than 25 years working with business analysis, methodology, solution development, systems analysis, project management, business architecture, and systems architecture. His online courses are approved by students from 65 countries.

    This is a picture of Ryland Leyton

    Ryland Leyton
    Business Analyst and Agile Coach
    Independent Consultant

    Ryland Leyton, CBAP, PMP, CSM, is an avid Agile advocate and coach, business analyst, author, speaker, and educator. He has worked in the technology sector since 1998, starting off with database and web programming, gradually moving through project management and finding his passion in the BA and Agile fields. He has been a core team member of the IIBA Extension to the BABOK and the IIBA Agile Analysis Certification. Ryland has written popular books on agility, business analysis, and career. He can be reached at www.RylandLeyton.com.

    This is a picture of Steve Jones

    Steve Jones
    Supervisor, Market Support Business Analysis
    ISO New England

    Steve is a passionate analyst and BA manager with more than 20 years of experience in improving processes, services and software, working across all areas of software development lifecycle, business change and business analysis. He rejoices in solving complex business problems and increasing process reproducibility and compliance through the application of business analysis tools and techniques.

    Steve is currently serving as VP of Education for IIBA Hartford. He is a CBAP, certified SAFe Product Owner/Product Manager, Six Sigma Green Belt, and holds an MS in Information Management and Communications.

    This is a picture of Angela Wick

    Angela Wick
    Founder
    BA-Squared and BA-Cube

    Founder of BA-Squared and BA-Cube.com, Angela is passionate about teaching practical, modern product ownership and BA skills. With over 20 years' experience she takes BA skills to the next level and into the future!
    Angela is also a LinkedIn Learning instructor on Agile product ownership and business analysis, an IC-Agile Authorized Trainer, Product Owner and BA highly-rated trainer, highly-rated speaker, sought-after workshop facilitator, and contributor to many industry publications, including:

    • IIBA BABOK v3 Core Team, leading author on the BABOK v3
    • Expert Reviewer, IIBA Agile Extension to the BABOK
    • PMI BA Practice Guide – Expert Reviewer
    • PMI Requirements Management Practice Guide – Expert Reviewer
    • IIBA Competency Model – Lead Author and Team Lead, V1, V2, and V3.

    This is a picture of Rachael Wilterdink

    Rachael Wilterdink
    Principal Consultant
    Infotech Enterprises

    Rachael Wilterdink is a Principal Consultant with Infotech Enterprises. With over 25 years of IT experience, she holds multiple business analysis and Agile certifications. As a consultant, Rachael has served clients in the financial, retail, manufacturing, healthcare, government, non-profit, and insurance industries. Giving back to the professional community, Ms. Wilterdink served on the boards of her local IIBA® and PMI® chapters. As a passionate public speaker, Rachael presents various topics at conferences and user groups across the country and the world. Rachael is also the author of the popular eBook "40 Agile Transformation Pain Points (and how to avoid or manage them)."

    Bibliography

    "2021 Business Agility Report: Rising to the Challenge." Business Agility, 2021. Accessed 13 June 2022.
    Axure. "The Pitfalls of Agile and How We Got Here". Axure. Accessed 14 November 2022.
    Beck, Kent, et al. "Manifesto for Agile Software Development." Agilemanifesto. 2001.
    Brock, Jon, et al. "Large-Scale IT Projects: From Nightmare to Value Creation." BCG, 25 May 2015.
    Bryar, Colin and Bill Carr. "Have We Taken Agile Too Far?" Harvard Business Review, 9 April 2021. Accessed 11 November, 2022.
    Clarke, Thomas. "When Agile Isn't Responsive to Business Goals" RCG Global Services, Accessed 14 November 2022.
    Digital.ai "The 15th State of Agile Report". Digital.ai. Accessed 21 November 2022.
    Hackshall, Robin. "Product Backlog Refinement." Scrum Alliance. 9 Oct. 2014.
    Hartman, Bob. "New to Agile? INVEST in good user stories." Agile For All.
    IAG Consulting. "Business Analysis Benchmark: Full Report." IAG Consulting, 2009.
    Karlsson, Johan. "Backlog Grooming: Must-Know Tips for High-Value Products." Perforce. 18 May 2018
    KPMG. Agile Transformation (2019 Survey on Agility). KPMG. Accessed November 29.
    Laguna, Fabricio "REQM guidance matrix: A framework to drive requirements management", Requirements Engineering Magazine. 12 September 2017. Accessed 10 November 2022.
    Miller, G. J. (2013). Agile problems, challenges, & failures. Paper presented at PMI® Global Congress 2013—North America, New Orleans, LA. Newtown Square, PA: Project Management Institute.
    Product Management: MoSCoW Prioritization." ProductPlan, n.d. Web.
    Podeswa, Howard "The Business Case for Agile Business Analysis" Requirements Engineering Magazine. 21 February 2017. Accessed 7 November 2022.
    PPM Express. "Why Projects Fail: Business Analysis is the Key". PPM Express. Accessed 16 November 2022.
    Reifer, Donald J. "Quantitative Analysis of Agile Methods Study: Twelve Major Findings." InfoQ, 6 February, 2017.
    Royce, Dr. Winston W. "Managing the Development of Large Software Systems." Scf.usc.edu. 1970. (royce1970.pdf (usc.edu))
    Rubin, Kenneth S. Essential Scrum: A Practical Guide to the Most Popular Agile Process. Pearson Education. 2012.
    Singer, Michael. "15+ Surprising Agile Statistics: Everything You Need To Know About Agile Management". Enterprise Apps Today. 22 August 2022.
    The Standish Group. The Chaos Report, 2015. The Standish Group.

    Where do I go next?

    Improve Requirements Gathering

    Back to basics: great products are built on great requirements.

    Make the Case for Product Delivery

    Align your organization on the practices to deliver what matters most.

    Requirements for Small and Medium Enterprises

    Right-size the guidelines of your requirements gathering process.

    Implement Agile Practices that Work

    Improve collaboration and transparency with the business to minimize project failure.

    Create an Agile-Friendly Gating and Governance Model

    Use Info-Tech's Agile Gating Framework as a guide to gating your Agile projects following a "trust but verify" approach.

    Make Your IT Governance Adaptable

    Governance isn't optional, so keep it simple and make it flexible.

    Deliver on Your Digital Product Vision

    Build a product vision your organization can take from strategy through execution.

    Make IT a Successful Partner in M&A Integration

    • Buy Link or Shortcode: {j2store}79|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: IT Strategy
    • Parent Category Link: /it-strategy
    • Many organizations forget the essential role IT plays during M&A integration. IT is often unaware of a merger or acquisition until the deal is announced, making it very difficult to adequately interpret business goals and appropriately assess the target organization.
    • IT-related integration activities are amongst the largest cost items in an M&A, yet these costs are often overlooked or underestimated during due diligence.
    • IT is expected to use the M&A team’s IT due diligence report and estimated IT integration budget, which may not have been generated appropriately.
    • IT involvement in integration is critical to providing a better view of risks, improving the ease of integration, and optimizing synergies.

    Our Advice

    Critical Insight

    • Anticipate that you are going to be under pressure. Fulfill short-term, tactical operational imperatives while simultaneously conducting discovery and designing the technology end-state.
    • To migrate risks and guide discovery, select a high-level IT integration posture that aligns with business objectives.

    Impact and Result

    • Once a deal has been announced, use this blueprint to set out immediately to understand business M&A goals and expected synergies.
    • Assemble an IT Integration Program to conduct discovery and begin designing the technology end-state, while simultaneously identifying and delivering operational imperatives and quick-wins as soon as possible.
    • Following discovery, use this blueprint to build initiatives and put together an IT integration budget. The IT Integration Program has an obligation to explain the IT cost implications of the M&A to the business.
    • Once you have a clear understanding of the cost of your IT integration, use this blueprint to build a long-term action plan to achieve the planned technology end-state that best supports the business capabilities of the organization.

    Make IT a Successful Partner in M&A Integration Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should follow Info-Tech’s M&A IT integration methodology and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Launch the project

    Define the business’s M&A goals, assemble an IT Integration Program, and select an IT integration posture that aligns with business M&A strategy.

    • Make IT a Successful Partner in M&A Integration – Phase 1: Launch the Project
    • IT Integration Charter

    2. Conduct discovery and design the technology end-state

    Refine the current state of each IT domain in both organizations, and then design the end-state of each domain.

    • Make IT a Successful Partner in M&A Integration – Phase 2: Conduct Discovery and Design the Technology End-State
    • IT Integration Roadmap Tool

    3. Initiate operational imperatives and quick-wins

    Generate tactical operational imperatives and quick-wins, and then develop an interim action plan to maintain business function and capture synergies.

    • Make IT a Successful Partner in M&A Integration – Phase 3: Initiate Operational Imperatives and Quick-Wins

    4. Develop an integration roadmap

    Generate initiatives and put together a long-term action plan to achieve the planned technology end-state.

    • Make IT a Successful Partner in M&A Integration – Phase 4: Develop an Integration Roadmap
    [infographic]

    Workshop: Make IT a Successful Partner in M&A Integration

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Launch the Project

    The Purpose

    Identification of staffing and skill set needed to manage the IT integration.

    Generation of an integration communication plan to highlight communication schedule during major integration events.

    Identification of business goals and objectives to select an IT Integration Posture that aligns with business strategy.

    Key Benefits Achieved

    Defined IT integration roles & responsibilities.

    Structured communication plan for key IT integration milestones.

    Creation of the IT Integration Program.

    Generation of an IT Integration Posture.

    Activities

    1.1 Define IT Integration Program responsibilities.

    1.2 Build an integration communication plan.

    1.3 Host interviews with senior management.

    1.4 Select a technology end-state and IT integration posture.

    Outputs

    Define IT Integration Program responsibilities and goals

    Structured communication plan

    Customized interview guide for each major stakeholder

    Selected technology end-state and IT integration posture

    2 Conduct Discovery and Design the Technology End-State

    The Purpose

    Identification of information sources to begin conducting discovery.

    Definition of scope of information that must be collected about target organization.

    Definition of scope of information that must be collected about your own organization.

    Refinement of the technology end-state for each IT domain of the new entity. 

    Key Benefits Achieved

    A collection of necessary information to design the technology end-state of each IT domain.

    Adequate information to make accurate cost estimates.

    A designed end-state for each IT domain.

    A collection of necessary, available information to make accurate cost estimates. 

    Activities

    2.1 Define discovery scope.

    2.2 Review the data room and conduct onsite discovery.

    2.3 Design the technology end-state for each IT domain.

    2.4 Select the integration strategy for each IT domain.

    Outputs

    Tone set for discovery

    Key information collected for each IT domain

    Refined end-state for each IT domain

    Refined integration strategy for each IT domain

    3 Initiate Tactical Initiatives and Develop an Integration Roadmap

    The Purpose

    Generation of tactical initiatives that are operationally imperative and will help build business credibility.

    Prioritization and execution of tactical initiatives.

    Confirmation of integration strategy for each IT domain and generation of initiatives to achieve technology end-states.

    Prioritization and execution of integration roadmap.

    Key Benefits Achieved

    Tactical initiatives generated and executed.

    Confirmed integration posture for each IT domain.

    Initiatives generated and executed upon to achieve the technology end-state of each IT domain. 

    Activities

    3.1 Build quick-win and operational imperatives.

    3.2 Build a tactical action plan and execute.

    3.3 Build initiatives to close gaps and redundancies.

    3.4 Finalize your roadmap and kick-start integration.

    Outputs

    Tactical roadmap to fulfill short-term M&A objectives and synergies

    Confirmed IT integration strategies

    Finalized integration roadmap

    Analyze Your Service Desk Ticket Data

    • Buy Link or Shortcode: {j2store}483|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $6,499 Average $ Saved
    • member rating average days saved: 3 Average Days Saved
    • Parent Category Name: Service Desk
    • Parent Category Link: /service-desk
    • Leverage your service desk ticket data to gain insights for your service desk strategy.

    Our Advice

    Critical Insight

    • Properly analyzing ticket data is challenging for the following reasons:
      • Poor ticket hygiene and unclear ticket handling means the data is often inaccurate or incomplete.
      • Service desk personnel are not sure where to start with analysis.
      • Too many metrics are tracked to parse actionable data from the noise.
    • Ticket data won’t give you a silver bullet, but it can help point you in the right direction.

    Impact and Result

    • Create an iterative framework for tracking metrics, keeping data clean, and actioning your data on day-to-day and month-to-month timelines.

    Analyze Your Service Desk Ticket Data Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should analyze your service desk ticket data, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Import your ticket data

    Enter your data into our tool. Compare your own ITSM ticket fields to improve ticket data moving forward.

    • Service Desk Ticket Analysis Tool

    2. Analyze your ticket data

    Use the ticket analysis tool as a guide to build your own operational dashboards to measure metrics over time. Gain actionable insights from your data.

    • Ticket Analysis Report

    3. Action your ticket data

    Use the data to communicate your findings to the business and leadership using the Ticket Analysis Report.

    [infographic]

    Further reading

    INFO-TECH RESEARCH GROUP

    Analyze Your Service Desk Ticket Data

    Take a data-driven approach to service desk optimization.

    EXECUTIVE BRIEF

    Analyst Perspective

    Photo of Benedict Chang, Research Analyst, Infrastructure & Operations, Info-Tech Research Group

    Benedict Chang
    Research Analyst, Infrastructure & Operations
    Info-Tech Research Group

    Photo of Ken Weston ITIL MP, PMP, Cert.APM, SMC, Research Director, Infrastructure & Operations, Info-Tech Research Group

    Ken Weston ITIL MP, PMP, Cert.APM, SMC
    Research Director, Infrastructure & Operations
    Info-Tech Research Group

    The perfect time to start analyzing your ticket data is now

    Service desks improve their services by leveraging ticket data to inform their actions. However, many organizations don’t know where to start. It’s tempting to wait for perfect data, but there’s a lot of value in analyzing your ticket data as it exists today.

    Start small. Track key tension metrics based on the out-of-the-box functionality in your tool. Review the metrics regularly to stay on track.

    By reviewing your ticket data, you’re going to get better organically. You’re going to learn about the state of your environment, the health of your processes, and the quality of your services. Regularly analyze your data to drive improvements.

    Make ticket analysis a weekly habit. Every week, you should be evaluating how the past week went. Every month, you should be looking for patterns and trends.

    Executive Summary

    Your Situation

    Leverage your service desk ticket data to gain insights for improving your operations:

    1. Use a data-based approach to allocate service desk resources.
    2. Design appropriate SLOs and SLAs to better service end users.
    3. Gain efficiencies for your shift-left strategy.
    4. Communicate the current and future value of the service desk to the business.

    Common Obstacles

    Properly analyzing ticket data is challenging for the following reasons:

    • Poor ticket hygiene and unclear ticket handling guidelines can lead to untrustworthy results.
    • Undocumented tickets from various intake channels prevents you from seeing the whole picture.
    • Service desk personnel are not sure where to start with analysis and are too busy to find time.
    • Too many metrics are tracked to parse actionable insights from the noise.

    Info-Tech’s Approach

    Info-Tech’s approach to improvement:

    • To reduce the noise, standardize your ticket data in a format that will ease analysis.
    • Start with common analyses using the cleaned data set.
    • Identify action items based on your ticket data.

    Analyze your ticket data to help continually improve your service desk.

    Slow down. Give yourself time.

    Give yourself time to observe the new metrics and draw enough insights to make recommendations for improvement. Then, execute on those recommendations. Slow and steady improvement of the service desk only adds business value and will have a positive impact on customer satisfaction.

    Your challenge

    This research is designed to help service desk managers analyze their ticket data

    Analyzing ticket data involves:

    • Collecting ticket data and keeping it clean. Based on the metrics you’re analyzing, define ticket expectations and keep the data up to date.
    • Showing the value of the service desk. SLAs are meaningless if they are not met consistently. The prerequisite to implementing proper SLAs is fully understanding the workload of the service desk.
    • Understanding – and improving – the user experience. You cannot improve the user experience without meaningful metrics that allow you to understand the user experience. Different user groups will have different needs and different expectations of the level of service. Your metrics should reflect those needs and expectations.

    36% of organizations are prioritizing ticket handling in IT for 2021 (Source: SDI, 2021)

    12% of organizations are focusing directly on service desk improvement (Source: SDI, 2021)

    Common obstacles

    Many organizations face these barriers to analyzing their ticket data:

    • Finding time to properly analyze ticket data is a challenge. Not knowing where to start can lead to not analyzing the proper data. Service desks end up either tracking too much data or not tracking the proper metrics.
    • Data, even if clean, can be housed in various tools and databases. It’s difficult to aggregate data if the data is stored throughout various tools. Comparisons may also be difficult if the data sets aren’t consistent.
    • Shifting left to move tickets toward self-service is difficult when there is no visibility into which tickets should be shifted left.

    What your peers are saying about why they can’t start analyzing their ticket data:

    • “My technicians do not consistently update and close tickets.”
    • “My ITSM doesn’t have the capabilities I need to make informed decisions on shifting tickets left.”
    • “My tickets are always missing data”
    • “I’m constantly firefighting. I have no time for ticket data analysis.”
    • “I have no idea where to start with the amount of data I have.”
    (Source: Info-Tech survey, 2021; N=20.)

    Common obstacles that prevent effective ticket analysis

    We asked IT service desk managers and teams about their biggest hurdles

    Missing or Inaccurate Information
    • Lack of information in the ticket
    • Categories are too general/specific to draw insights
    • Poor ticket hygiene
    Missing Updates
    • Tickets aren’t updated while being resolved
    Correlating Tickets to Identify Trends
    • Not sure where to start with all the data at hand
    No Time
    • No time to figure out the tool or analyze the data properly
    Ineffective Categorization Schemes
    • Reduces the power of ticket data
    Tool Limitations
    • Can’t be easily customized
    • Too customized to be effective
    • Desired dashboards unavailable
    (Source: Info-Tech survey, 2021; N=20)

    Info-Tech’s approach

    Repeat this analysis every business cycle:

    • Gather Your Data
      Collect your ticket data OR start measuring the right metrics.
    • Extract & Analyze
      Organize and visualize your data to extract insights
    • Action the Results
      Implement low-effort improvements and celebrate quick successes.
    • Implement Larger Changes
      Reference your ticket data while implementing process, tooling, and other changes.
    • Communicate the Results
      Use your data to show the value of your effort.

    Measure the value of this blueprint

    Track these metrics as you improve

    Use the data to tell you which aspects of IT need to be shifted left and which need to be automated

    Your data will show you where you can improve.

    As you act on your data, you should see:

    • Lower costs per ticket
    • Decreased average time to resolve
    • Increased end-user satisfaction
    • Fewer tickets escalated beyond Tier 1

    An illustration of the 'Shift Left Strategy' using three line graphs arranged in a table with the same axes but representing different metrics. The header row is 'Metrics,' then values of the x-axes are 'Auto-Fix,' 'User,' 'Tier 1,' 'Tier2/Tier3,' and 'Vendor.' Under 'Metrics' we see 'Cost,' 'Time,' and 'Satisfaction.' The 'Cost' graph begins 'Low' at 'Auto-Fix' and gradually moves to 'High' at 'Vendor.' The 'Time' graph begins 'Low' at 'Auto-Fix' and gradually moves to 'High' at 'Vendor.' The 'Satisfaction' graph begins 'High' at 'Auto-Fix' and gradually moves to 'Low' at 'Vendor.' Below is an arrow directing us away from the 'Vendor' option and toward the 'Auto-Fix' option, 'Shift Ticket Resolution Left.'

    See Info-Tech’s blueprint Optimize the Service Desk With a Shift-Left Strategy.

    Info-Tech’s methodology for analyzing service desk tickets

    1. Import Your Ticket Data 2. Analyze Your Ticket Data 3. Communicate Your Insights
    Phase Steps
    1. Import Your Ticket Data
    1. Analyze High-Level Ticket Data
    2. Analyze Incidents, Service Requests, and Ticket Categories
    1. Build Recommendations
    2. Action and Communicate Your Ticket Data
    Phase Outcomes Enter your data into our tool. Compare your own ITSM ticket fields to improve ticket data moving forward. Use the Service Desk Ticket Analysis Tool as a guide to build your own operational dashboards to measure metrics over time. Gain actionable insights from your data. Use the data to communicate your findings to the business and leadership using the Ticket Analysis Report.

    Insight summary

    Slow down. Give yourself time.

    Give yourself time to observe the new metrics and draw enough insights to make recommendations for improvement. Then, execute on those recommendations. Slow and steady improvement of the service desk only adds business value and will have a positive impact on customer satisfaction.

    Iterate on what to track rather than trying to get it right the first time.

    Tracking the right data in your ticket can be challenging if you don’t know what you’re looking for. Start with standardized fields and iterate on your data analysis to figure out your gaps and needs.

    If you don’t know where to go, ticket data can point you in the right direction.

    If you have service desk challenges, you will need to allocate time to process improvement. However, prioritizing your initiatives is easier if you have the ticket data to point you in the right direction.

    Start with data from one business cycle.

    Service desks don’t need three years’ worth of data. Focus on gathering data for one business cycle (e.g. three months). That will give you enough information to start generating value.

    Let the data do the talking.

    Leverage the data to drive organizational and process change in your organization by tracking meaningful metrics. Choose those metrics using business-aligned goals.

    Paint the whole picture.

    Single metrics in isolation, even if measured over time, may not tell the whole story. Make sure you design tension metrics where necessary to get a holistic view of your service desk.

    Blueprint deliverables

    This blueprint’s key deliverable is a ticket analysis tool. Many of the activities throughout this blueprint will direct you to complete and interpret this tool. The other main deliverable is a stakeholder presentation template to help you document the outcomes of the project.
    Service Desk Ticket Analysis Tool Ticket Analysis Report
    Use this tool to identify trends and patterns in your ticket data to action improvement initiatives.

    Sample of the Service Desk Ticket Analysis Tool blueprint deliverable.

    Use this template to document the justification for addressing service desk improvement, the results of your analysis, and your next steps.

    Sample of the Ticket Analysis Report blueprint deliverable.

    Blueprint benefits

    IT Benefits

    • Discover and implement the proper metrics to improve your service desk
    • Use a data-based approach to improve your customer service and operational goals
    • Increase visibility with the business and other IT departments using a structured presentation

    Business Benefits

    • Quicker resolutions to incidents and service requests
    • Better expectations for the service desk and IT
    • Better visibility into the current state, challenges, and goals of the service desk
    • More effective support when contacting the service desk

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 3-4 calls over the course of 2-3 months.

    What does a typical GI on this topic look like?

      Phase 1

    • Call #1: Scope requirements, objectives, and your specific challenges. Enter your data into the tool.
    • Phase 2

    • Call #2: Assess the current state across the different dashboards.
    • Phase 3

    • Call #3: Identify improvements and insights to include in the communication report.
    • Call #4: Review the service desk ticket analysis report.

    PHASE 1

    Import Your Ticket Data

    This phase will walk you through the following activities:

    • 1.1.1 Define your objectives for analyzing ticket data
    • 1.1.2 Identify success metrics
    • 1.1.3 Import your ticket data into the tool
    • 1.1.4 Update your ticket fields for future analysis

    This phase involves the following participants:

    • Service Desk Manager
    • ITSM Manager
    • Service Desk Technician

    1.1.1 Define your objectives for analyzing ticket data

    Input: Understanding of current service desk process and ticket routing

    Output: Defined objectives for the project

    Materials: Whiteboard/flip charts, Ticket Analysis Report

    Participants: Service Desk Staff, Service Desk Manager, IT Director, CIO

    Use the discussion questions below as a guide
    1. Identify your main objective for analyzing ticket data. Use these three sample objectives as a starting point:
      • Demonstrate value to the business by improving customer service.
      • Improve service desk operations.
      • Reduce the number of recurring incidents.
    2. Answer the following questions as a group:
      • What challenges do you have getting accurate data for this objective?
      • What data is missing for supporting this objective?
      • What kind of issues must be solved for us to make progress on achieving this objective?
      • What decisions are held up from a lack of data?
      • How can better ticket data help us to more effectively manage our services and operations?

    Document in the Ticket Analysis Report.

    1.1.2 Identify success metrics

    Select metrics that will track your progress on meeting the objective identified in Activity 1.1.1.

    Input: Understanding of current service desk process and ticket routing

    Output: Defined objectives for the project

    Materials: Whiteboard/flip charts, Ticket Analysis Report

    Participants: Service Desk Manager, IT Director, CIO

    Use these sample metrics as a starting point:
    Demonstrate value to the business by improving customer service
    Ticket trends by category by month # tickets by business department % SLAs met by IT teams
    Average customer satisfaction rating % incident tickets closed in one day Service request SLAs met by % Annual IT satisfaction survey result
    Improve service desk operations
    Incident tickets assigned, sorted by age and priority Scheduled requests for today and tomorrow Knowledgebase articles due for renewal this month Top 5-10 tickets for the quarter
    Unassigned tickets by age # incident tickets assigned by tech Open tickets by category Backlog summary by age
    Reducing the number of recurring incidents
    # incidents by category and resolution code Number of problem tickets opened and resolved Correlation of ticket volume trends to events Reduction of volume of recurring tickets
    Use of knowledgebase by users Use of self-service for ticket creation Use of service catalog Use of automated features (e.g. password resets)
    Average call hold time % calls abandoned Average resolution time Number of tickets reopened

    Document in the Ticket Analysis Report.

    Inefficient ticket-handling processes lead to SLA breaches and unplanned downtime

    Analyze the ticket data to catch mismanaged or lost tickets that lead to unnecessary escalations and impact business profitability

    • Ticket Category – Are your tickets categorized by type of asset? By service?
    • Average Ticket Times – How long does it take to resolve or fulfill tickets?
    • Ticket Priority – What is the impact and urgency of the ticket?
    • SLA/OLA Violations – Did we meet our SLA objectives? If not, why?
    • Ticket Channel – How was the issue reported or ticket received?
    • Response and Fulfillment – Did we complete first contact resolution? How many times was it transferred?
    • Associated Tasks and Tickets – Is this incident associated with any other tasks like change tickets or problem tickets?

    Encourage proper ticket-handling procedures to enable data quality

    Ensure everyone understands the expectations and the value created from having ticket data that follows these expectations

    • Create and update tickets, but not at the expense of good customer service. Agents can start the ticket but shouldn’t spend five minutes creating the ticket when they should be troubleshooting the problem.
    • Update the ticket when the issue is resolved or needs to be escalated. If agents are escalating, they should make sure all relevant information is passed along within the ticket to the next technician.
    • Update user of ETA if issue cannot be resolved quickly.
    • Ticket templates for common incidents can lead to fast creation, data input, and categorizations. Templates can reduce the time it takes to create tickets from two minutes to 30 seconds.
    • Update categories to reflect the actual issue and resolution.
    • Reference or link to the knowledgebase article as the documented steps taken to resolve the incident.
    • Validate with the client that the incident is resolved; automate this process with ticket closure after a certain time.
    • Close or resolve the ticket on time.

    Info-Tech Insight

    Ticket handling ensures clean handovers, whether it is to higher tiers or back to the customer. When filling the ticket out with information intended for another party, ensure the information is written for their benefit and from their point of view.

    Service Desk Ticket Analysis Tool overview

    The Service Desk Ticket Analysis Tool will help you standardize your ticket data in a meaningful format that will allow you to apply common analyses to identify the actions you need to take to improve service desk operations

    TABS 1 & 2
    INSTRUCTIONS & DATA ENTRY
    TAB 3 : TICKET SUMMARY
    TICKET SUMMARY DASHBOARDS
    TABS 4 to 8: DASHBOARDS
    INCIDENT SERVICE REQUEST CATEGORY
    Sample of the Service Desk Ticket Analysis Tool, tabs 1 & 2.
    Input at least three months of your exported ticket data into the corresponding columns in the tool to feed into the common analysis graphs in the other tabs.
    Sample of the Service Desk Ticket Analysis Tool, tab 3.
    This tab contains multiple dashboards analyzing how tickets come in, who requests them, who resolves them, and how long it takes to resolve them.
    Sample of the Service Desk Ticket Analysis Tool, tabs 4 to 8.
    These tabs each have dashboards outlining analysis on incidents and service requests. The category tab will allow you to dive deeper on commonly reported issues.

    1.1.3 Import your data into our Service Desk Ticket Analysis Tool

    You can still leverage your current data, but use this opportunity to improve your service desk ticket fields down the line

    Input: ITSM data log

    Output: Populated Service Desk Ticket Data Analysis Tool

    Materials: Whiteboard/flip charts, Service Desk Ticket Analysis Tool

    Participants: Service Desk Manager, Service Desk Technicians

    Start here:

    • Extract your ticket data from your ITSM tool in an Excel or text format.
    • Look at the fields on the data entry tab of the Service Desk Ticket Analysis Tool.
    • Fill the fields with your ticket data by copying and pasting relevant sections. It is okay if you don’t have all the fields, but take note of the fields you are missing.
    • With the list of the fields you are missing, run through the following activity to decide if you will need to adopt or add fields to your own service desk ticket tool.
    Fields Captured
    Ticket Number Open Date
    Open Time Closed Date
    Closed Time Intake Channel
    Time to Resolve Site Location
    First Contact Resolution Resolution Code
    Category (I, II, III) Ticket Type (Request or Incident)
    Status of Ticket Resolved by Tier
    Ticket Priority Requestor/Department
    SLA Fulfilled Subject
    Technician

    When entering your data, pay close attention to the following fields:

    • Time to Resolve: This is automatically calculated using data in the Open Date, Open Time, Close Date, and Close Time fields. You have three options for entering your data in these fields:
      1. Enter your data as the fields describe. Ensure your data contain only the field description (e.g. Open Date separated from Open Time). If your data contain Open Date AND Open Time, Excel will not show both.
      2. Enter your data only in Open Date and Close Date. If your ITSM does not separate date and time, you can keep the data in a single cell and enter it in the column. The formula in Time to Resolve will still be accurate.
      3. If your ITSM outputs Time to Resolve, overwrite the formula in the Time to Resolve column.
    • SLA: If your ITSM outputs SLA fulfilled: Y/N, enter that directly into the SLA Fulfilled column.
    • Blank Columns: If you do not have data for all the columns, that is okay. Continue with the following activity. Note that some stock dashboards will be empty if that is the case.
    • Incidents vs. Service Requests: If you separate incidents and service requests, be sure to capture that in the SR/Incident for Tabs 4 and 5. If you do not separate the two, then you will only need to analyze Tab 3.
    Fields Captured
    Ticket Number Open Date
    Open Time Closed Date
    Closed Time Intake Channel
    Time to Resolve Site Location
    First Contact Resolution Resolution Code
    Category (I, II, III) Ticket Type (Request or Incident)
    Status of Ticket Resolved by Tier
    Ticket Priority Requestor/Department
    SLA Fulfilled Subject
    Technician

    Use Info-Tech’s tool instead of building your own. Download the Service Desk Ticket Analysis Tool.

    1.1.4 Update your ticket fields for future analysis

    Input: Populated Service Desk Ticket Data Analysis Tool

    Output: New ticket fields to track

    Materials: Whiteboard/flip charts, Service Desk Ticket Analysis Tool

    Participants: Service Desk Manager, Service Desk Technicians

    As a group, pay attention to the ticket fields populated in the tool as well as the ticket fields that you were not able to populate. Use the example “Fields Captured” table to the right, which lists all fields present in the ticket analysis tool.

    Discuss the following questions:

    1. Consider the fields not captured. Would it be valuable to start capturing that data for future analysis?
    2. If so, does your ITSM support that field?
    3. Can you make the change in-house or do you have to bring in an external ITSM administrator to make the change?
    4. Capture the results in the Ticket Analysis Report.
    Example: Fields Captured - Fields Not Captured
    Ticket Number Open Date
    Open Time Closed Date
    Closed Time Intake Channel
    Time to Resolve Site Location
    First Contact Resolution Resolution Code
    Category (I, II, III) Ticket Type (Request or Incident)
    Status of Ticket Resolved by Tier
    Ticket Priority Requestor/Department
    SLA Fulfilled Subject
    Technician

    Document in the Ticket Analysis Report.

    Info-Tech Insight

    Don’t wait for your ticket quality to be perfect. You can still draw actions from your ticket data. They will likely be process improvements initially, but the exercise of pulling the data is a necessary first step.

    Common ticket fields tracked by your peers

    Which of these metrics do you track and action?

    • Remember you don’t have to track every metric. Only track metrics that are actionable.

    For each metric that you end up tracking:

    • Look for trends over time.
    • Brainstorm reasons why the metric could rise or fall.

    Associate a metric with each improvement you execute.

    • Performing this step will allow you to better see the value from your team’s efforts.
    • It will also give you a quicker response than waiting for spikes in your data.

    A bar chart of 'Metrics tracked by other organizations' with the x-axis populated by different metrics and the y-axis as '% organizations who track the metric'. The highest percentage of businesses track 'Ticket volume', then 'Ticket trends by category', then 'Tickets by business units'. The lowest three shown are 'Reopened tickets', 'Cost per ticket', and 'Other'.(Source: Info-Tech survey, 2021; N=20)

    PHASE 2

    Analyze Your Ticket Data

    This phase will walk you through the following activities:

    • 2.1.1 Review high-level ticket dashboards
    • 2.2.1 Review incident, service request, and ticket category dashboards

    This phase involves the following participants:

    • Service Desk Manager
    • Service Desk Technicians
    • IT Managers

    Visualize your ticket data as a first step to analysis

    Identifying trends is easier when looking at diagrams, graphs, and figures

    Start your analysis with common visuals employed by other service desk professionals

    • Phase 2 will walk you through visualizing your data to get a better understanding of your ticket intake, incident management, and service request management.
    • Each step will walk you through:
      • Common visualizations used by service desks
      • Patterns to look for in your visualizations
      • Actions to take to address negative patterns and to continue positive trends
    • Share diagrams that underscore both the value being provided by the service desk as well as the scope of the pain points. Use Info-Tech’s Ticket Analysis Report template as a starting point.

    “Being able to tell stories with data is a skill that’s becoming ever more important in our world of increasing data and desire for data-driven decision making. An effective data visualization can mean the difference between success and failure when it comes to communicating the findings of your study, raising money for your nonprofit, presenting to your board, or simply getting your point across to your audience.” - Cole Knaflic, Founder and CEO, Storytelling with Data: A Data Visualization Guide for Business Professionals

    Use the detailed dashboards to determine the next steps for improvement

    A single number doesn’t tell the whole picture

    Analyze trends over time:

    • Analyze trends by day, by week, by month, and by year to determine:
      • When are the busy periods? (E.g. Do tickets tend to spike every morning, every Monday, or every September?)
      • When are the slow periods? (E.g. Do tickets drop at the end of the day, at midday, on Fridays, or over the summer?)
    • Are spikes or drops in volume consistent trends or one-time anomalies?

    Then build a plan to address them:

    • How will you handle volume spikes, if they’re consistent?
    • What can your resources work on during slow times, if they are consistent?
    • If you assume no shrinkage, can you handle the peaks in volume if you make all FTEs available to work on tickets at a certain time of day?

    Sample of a bar chart comparing tickets that were 'Backlog versus Closed by Month Opened'.

    Look for seasonal trends. In this example, we see high ticket volumes in May and January, with lower ticket volumes in June and July when many staff are taking holidays. However, also be careful to look at the big picture of how you pulled the data. August through October sees a high volume of open tickets because the data set is pulled in November, not because there’s a seasonal spike on tickets not closing at the end of the fiscal year.

    Track ticket data over time

    Make low-effort adjustments before major changes

    Don’t rush to a decision based off the first numbers you see

    Review ticket summary dashboard

    Ideally, you should track ticket patterns over an entire year to get a full sense of trends within each month of the year. At minimum, track for 30 days, then 60, then 90, and see if anything changes. The longer you can track ticket patterns, the more accurate your picture will be.

    Review additional dashboards

    If you separate incidents and service requests, and you have accurate ticket categories, then you can use these dashboards to further break down the data to identify ticket trends.

    The output of the ticket analysis will only be as accurate as its input.
    To get the most accurate results, first ensure your data is accurate, then analyze it over as much time as possible. Aggregating with accurate data will give you a better picture of the trends in demand that your service desk sees.

    Not separating incidents and service requests? Need to fix your ticket categories? Visit Standardize the Service Desk to get started.

    Analyze incidents and requests separately

    Each type has its own set of customer experiences and expectations

    • Different ticket types are associated with radically different prioritization, routing, and service levels. For instance, most incidents are resolved within a business day, but requests take longer to implement.
    • If you fail to distinguish between ticket types, your metrics will obscure service desk performance.
    • From a ticket analysis standpoint, separating ticket types prior to analysis or, better yet, at intake allows for cleaner data. In turn, this means more structured analyses, better insights, and more meaningful actions. Not separating ticket types may still get you to the same conclusions, but it will be much more difficult to sift through the data.

    Incident

    An unanticipated interruption of a service.
    The goal of incident management is to restore the service as soon as possible, even if the resolution involves a workaround.

    Request

    A generic description for a small change or service access.
    Requests are small, frequent, and low risk. They are best handled by a process distinct from incident, change, and project management.

    Not separating incidents and service requests? Need to fix your ticket categories? Visit Standardize the Service Desk to get started.

    Step 2.1

    Analyze Your High-Level Ticket Data

    Dashboards
    • Ticket Volume
    • Ticket Intake
    • Ticket Handling and Resolution
    • Ticket Categorization

    This step will walk you through the following activities:

    Visualize the current state of your service desk.

    This step involves the following participants:

    • Service Desk Manager
    • Service Desk Technicians
    • IT Managers

    Outcomes of this step

    Build your metrics baseline to compare with future metric results.

    Dashboards: Ticket Volume

    Example of a dashboard for ticket volume with two bar charts, one breaking down volume by month, and the other marking certain days or weeks in each month.

    Analyze your data for insights

    • Analyze volume trends by day, by week, by month, and by year to determine:
      • When are the busy periods? (E.g. Do tickets tend to spike every morning, every Monday, or every September?)
      • When are slow periods? (E.g. Do tickets drop at the end of the day, at midday, on Fridays, or over the summer?)
    • Are spikes or drops in volume consistent trends or one-time anomalies?
    • What can your resources be working on during slow times? Are you able to address ticket backlog?

    Dashboards: Ticket Intake

    Example of a dashboard for ticket intake with three bar charts, one breaking it down by 'Intake Channel', one by 'Requestor/Department', and one by 'Location'.

    Analyze your data for insights

    • Determine how to drive intake to the most appropriate solution for your organization:
      • A web portal is the most efficient intake method, but it must be user friendly to increase its adoption.
      • The phone should be available for urgent requests or incidents. Encourage those who call with a request to submit a ticket through the portal.
      • Discourage use of email if it is unstructured, as users don’t provide enough detail, and often two or three transactions are required for triage.
      • If walk-ups are encouraged, structure and formalize the support so it can be resourced and managed rather than interrupt-driven.

    Dashboard: Ticket Handling and Resolution

    Example of a dashboard for ticket handling and resolution with three bar charts, one breaking down 'Tickets Resolved by Technician', one by 'Tier', and one by 'Average Time to Resolve (Hours)'.

    Analyze your data for insights

    • Look at your ticket load by technician and by tier. This is an essential step to set your baseline to measure your shift-left initiatives. If you are focusing on self-service or Tier 1 training, the ticket load from higher tiers should decrease over time.
    • If Tiers 2 and 3 are handling the majority of the tickets, this could be a red flag indicating tickets are inappropriately escalated or Tier 1 could use more training and support.
    • For average time to resolve and average time to resolve by tier, are you meeting your SLAs? If not, are your SLAs too aggressive? Are tickets left open and not properly closed?

    Dashboard: Ticket Categorization

    Analyze your data for insights

    • Ticket categorization is critical to clean data. Having a categorization scheme with categories that are miscellaneous, too specific, or too general easily leads to inaccurate reporting or confusing workflows for technicians.
    • When looking at your ticket categories, first look for duplicate categories that could be collapsed into one.
    • Also look at your top five to seven categories and see if they make sense. Are these good candidates in your organization for automation or shift-left?
    • Compare your Tier 1 categories. The level of specificity for these categories should be comparable to easily run reports. If they are not, assess the need for a category redesign.

    Example of a dashboard for ticket categorization with one horizontal bar chart, 'Incident Ticket Volume by Level 1 Category'.

    Step 2.2

    Analyze Incidents, Service Requests, and Ticket Categories

    Dashboards
    • Incidents
    • Service Requests
    • Volume by Ticket Category
    • Resolution Times by Priority and/or Category
    • Tabs for More Granular Investigation and Reporting

    This step will walk you through the following activities:

    Visualize your incident and service request ticket load and analyze trends. Use this information and cross reference data sets to gain a holistic view of how the service desk interacts with IT and the business.

    This step involves the following participants:

    • Service Desk Manager
    • Service Desk Technicians
    • IT Managers

    Outcomes of this step

    Gain actionable, data-driven improvements based on your incident and service request data. Show the value of the service desk and highlight improvements needed.

    Incident and Service Requests Dashboard: Priority and SLA

    Example of an Incident and Service Requests dashboard for priority and SLA with three charts, one breaking down 'Incident Priority', one 'Average time to resolve (in hours) by priority', and one '% of SLA met'.

    Analyze your data for insights

    • Your ticket priority distribution for overall load and time to resolve (TTR) should look something like above with low-priority tickets having higher load and TTR and high/critical-priority tickets having a lower load and lower TTR. If it is reversed, that is a good indication that the service desk is too reactive or isn’t properly prioritizing its work.
    • If your SLA has a high failure rate, consider reassessing your targets with SLOs that you can meet before publishing them as achievable SLAs.

    Incident and Service Requests Dashboard: Priority and SLA

    Example of an Incident and Service Requests dashboard for resolution and close with three bar charts, one breaking down 'Incident Volume by Resolution Code', one 'Incidents Resolved by Tier', and one 'Average time to resolve (in hours) by Resolution Code'.

    Analyze your data for insights

    • Examine your ticket handling by looking at ticket status and resolution codes.
      • If you have a lot of blanks, then tickets are not properly handled. Consider reinforcing your standards for close codes and statuses.
      • Alternatively, if tickets are left open, you may have to build follow-ups on stale tickets into your process or introduce proper auto-close processes.

    Category, Resolution Time, and Resolution Code Dashboards

    These PivotCharts allow you to dig deeper

    Investigate whether there are trends in ticket volume and resolution times within specific categories and subcategories

    Tab 6, Category Dashboard; tab 7, Resolution Time Dashboard; and tab 8, Resolution Code Dashboard are PivotCharts. Use these tabs to investigate whether there are trends in ticket volume, resolution times, and resolution codes within specific categories and subcategories.

    Start with the charts that are available. The +/- buttons will allow you to show more granular information. By default, this granularity will be into the levels of the ticket categorization scheme.

    For most categorization schemes, there will be too many categories to properly graph. You can apply a filter to investigate specific categories by clicking on the drop-down buttons.

    Example of dashboards featured on next slide

    Use these tabs for more granular investigation and reporting

    TAB 6
    CATEGORY DASHBOARD
    TAB 7
    RESOLUTION TIME DASHBOARD
    TAB 8
    RESOLUTION TIME DASHBOARD
    Sample of the 'Ticket Volume by Second, Third Level Category' dashboard tab.
    Investigate ticket distributions in first, second, and third levels. Are certain categories overcrowded, suggesting they can be split? Are certain categories not being used?
    Sample of the 'Average Resolution Times' dashboard tab.
    Do average resolution times match your service level agreements? Do certain categories have significantly different resolution times? Are there areas that can benefit from shift-left?
    Sample of the 'Volume of Resolution Codes' dashboard tab.
    Are resolution codes being accurately used? Are there trends in resolution codes? Are these codes providing sufficient information for problem management?

    PHASE 3

    Communicate Your Insights

    This phase will walk you through the following activities:

    • 3.1.1 Review common recommendations
    • 3.2.1 Review ticket reports daily
    • 3.2.2 Incorporate ticket data into retrospectives and team updates
    • 3.2.3 Regularly review trends with business leaders
    • 3.2.4 Tell a story with your data

    This phase involves the following participants:

    • Service Desk Manager
    • Service Desk Technicians
    • IT Managers

    Step 3.1

    Build Recommendations Based on Your Ticket Data

    Activities
    • 3.1.1 Review common recommendations

    This step will walk you through the following activities:

    Review common recommendations as a first step to extracting insights from your own data.

    This step involves the following participants:

    • Service Desk Manager
    • Service Desk Technicians

    Outcomes of this step

    You will gain an understanding of the common challenges with service desks and ticket analysis in general. See which ones apply to you to inform your ticket data analysis moving forward.

    Review these common recommendations

    1. Fix your ticket categories
      Organize your ticket categorization scheme for proper routing and reporting.
    2. Focus more on self-service
      Self-service is essential to enable shift-left strategies. Focus on knowledgebase processes and portal ease of use.
    3. Update your service catalog
      Improve your service catalog, if necessary, to make it easy for end users to request services and for the service desk to provide those services.
    4. Direct volume toward other channels
      Walk-ups make it more difficult to properly log tickets and assign service desk resources. Drive volume to other channels to improve your ticket quality.
    5. Crosstrain Tier 1 on certain topics
      Tier 1 breadth of knowledge is essential to drive up first contact resolution.
    6. Build more automation
      Identify bottlenecks and challenges with your ticket data to streamline ticket handling and resolution.
    7. Revisit service level agreements
      Update your SLAs and/or SLOs to prioritize expectation management for your end users.
    8. Improve your data quality
      You can only analyze data that exists. Revisit your ticket-handling guidelines and more regularly check tickets to ensure they comply with those standards.

    Optimize your processes and look for opportunities for automation

    Leverage Info-Tech research to improve service desk processes

    Review your service desk processes and tools for optimization opportunities:

    • Clearly establish ticket-handling guidelines.
    • Use ticket templates to reduce time spent entering tickets.
    • Document incident management and service request fulfillment workflows and eliminate any unnecessary steps.
    • Automate manual tasks wherever possible.
    • Build or improve a self-service portal with a knowledgebase to allow users to resolve their own issues, reducing incoming ticket volume to the service desk.
    • Optimize your internal knowledgebase to reduce time spent troubleshooting recurring issues.
    • Leverage AI capabilities to speed up ticket processing and resolution.

    Standardize the Service Desk

    This project will help you build and improve essential service desk processes, including incident management, request fulfillment, and knowledge management.

    Optimize the Service Desk With a Shift-Left Strategy

    This project will help you build a strategy to shift service support left to optimize your service desk operations and increase end-user satisfaction.

    Step 3.2

    Action and Communicate Your Ticket Data

    Activities
    • 3.2.1 Review your ticket queues daily
    • 3.2.2 Incorporate ticket data into retrospectives and team status updates
    • 3.2.3 Regularly review trends with business leaders
    • 3.2.4 Tell a story with your data

    This step will walk you through the following activities:

    Organize your scrums to report on the metrics that will inform daily and monthly operations.

    This step involves the following participants:

    • Service Desk Manager
    • Service Desk Technicians
    • IT Managers

    Outcomes of this step

    Use the dashboards and data to inform your daily and monthly scrums.

    3.2.1 Review your ticket queues daily

    Clean data is still useless if not used properly

    • The metrics you’ve chosen to measure and visualize in the previous step are useful for informing your day-to-day, week-to-week, and month-to-month strategies for the service desk and IT. Conduct scrums daily to action your dashboard data to help clear ticket queues.
    • Reference your dashboards daily with each IT team.
    • You need to have a dashboard of open tickets assigned to each team.

    Review Daily

    • Ticket volume over the last day (look for spikes)
    • SLA breach risks/SLA breaches
    • Recurring incidents
    • Tickets open
    • Tickets handed over (confirmation of handover)

    3.2.2 Incorporate ticket data into retrospectives and team status updates

    Explain your metric spikes and trends

    • Hold weekly or monthly meetings to review the ticket trends selected during Phases 1 and 2 of this blueprint.
    • Review ticket spikes, identify seasonal trends, and discuss root causes (e.g. projects/changes going live, onboarding blitz).
    • Discuss any actions associated with spikes and seasonal trends (e.g. resource allocation, hiring, training).
    • You can incorporate other IT leaders or departments in this meeting as needed to discuss action items for improvement, quality assurance concerns, customer service concerns, and/or operating level agreement concerns.

    Review Weekly/Monthly

    • Ticket volume
    • Ticket category by priority level over time
    • Tickets from different business groups, VIP groups, and different vertical levels
    • Tickets escalated, tickets that didn’t need to be escalated, tickets that were incorrectly escalated
    • Ticket priority levels over time
    • Most requested services
    • Tickets resolved by which group over time
    • Ability to meet SLAs and OLAs over time by different groups

    3.2.3 Regularly review trends with business leaders

    Use your data to help improve business relationships

    Review the following with business leaders:

    • Volume of work done this past time cycle for the leader’s group
    • Trends and spikes in the data and possible explanations for them (note: get their input on the potential causes of trends)
    • Improvements you plan to execute within the service desk
    • Action items you need from the business leader

    Use your data to show the value you provide to the group. Schedule quarterly meetings with the heads of different business groups to discuss the work that the service desk does for each group.

    Show trends in incidents and service requests: “I see you have a spike in CRM tickets. I’ve been working with the CRM team to address this issue.”

    3.2.4 Tell a story with your data

    Effectively communicate with the business and leadership

    • With your visualized metrics, organize your story into a presentation for different stakeholder groups. You can use the Ticket Analysis Report as a starting point to provide data about:
      • Value provided by the service desk
      • Successes
      • Opportunities for Improvements
      • Current state of KPIs
    • Include information about the causes of data trends and actions you will take in response to the data.
    • For each of these themes, look at the metrics you’ve chosen to track and see which ones fit to tell the story. Let the data do the talking.
    • Consider supplementing the ticket data with data from other systems. For example, you can include data on transactional customer satisfaction surveys, knowledgebase utilization, and self-service utilization.

    Sample of the Ticket Analysis Report.

    Download the Ticket Analysis Report.

    Ticket Analysis Report

    Include the following information as you build your ticket analysis report:

    • Value Provided by the Service Desk
      Start with the value provided by the service desk to different areas of the business. Include information about first contact resolution, average resolution times, ticket volume (e.g. by category, priority, location, requestor).
    • Successes
      Successes is a general field that can include how process improvements have impacted the service desk or how initiatives have enhanced shift-left opportunities. Highlight any positive trends over time.
    • Opportunities for Improvement
      Let the data guide the conversation to where improvements can be made. Day-to-day ops, self-service tools, shifting work left from Tier 2, Tier 3, standardizing a non-standard service, and staffing adjustments are possibilities for this section.
    • Current State of KPIs
      Mean time to resolve, FCR, ticket volume, and end-user satisfaction are great KPIs to include as a starting point.

    Sample of the Ticket Analysis Report.

    Download the Ticket Analysis Report.

    Summary of Accomplishment

    Problem Solved

    You now have a better understanding of how to action your service desk ticket data, including improvements to your current ticket templates for incidents and service requests.

    You also have the data to craft a story to different stakeholder groups to celebrate the successes of the service desk and highlight possible improvements. Continue this exercise iteratively to continue improving the service desk.

    Remember, ticket analysis is not a single event but an ongoing initiative. As you track, analyze, and action more data, you will find more improvements.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Photo of Benedict Chang.

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team. Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Sample of dashboards we saw earlier. Sample of the 'Ticket Analysis Report'.
    Analyze your dashboards
    An analyst will walk through the ticket data and dashboards with you and your team to help interpret the data and tailor improvements
    Populate your ticket data report
    Given the action items from this solution set, an analyst will help you craft a report to celebrate the successes and highlight needed improvements in the service desk.

    Related Info-Tech Research

    Optimize the Service Desk With a Shift-Left Strategy

    The best type of service desk ticket is the one that doesn’t exist.

    Incident & Problem Management

    Don’t let persistent problems govern your department.

    Design & Build a User-Facing Service Catalog

    Improve user satisfaction with IT with a convenient menu-like catalog.

    Bibliography

    Bayes, Scarlett. “ITSM: 2021 & Beyond.” Service Desk Institute, 2021. Web.

    “Benchmarking Report v.9.” Service Desk Institute, 17 Jan. 2020. Web.

    Bennett, Micah. “The 9 Help Desk Metrics That Should Guide Your Customer Support.” Zapier, 3 Dec. 2015. Web.

    “Global State of Customer Service: The transformation of customer service from 2015 to present day.” Microsoft Dynamics 365, Microsoft, 2020. Web.

    Goodey, Ben. “How to Manually Analyze Support Tickets.” SentiSum, 26 July 2021. Web.

    Jadhav, Megha. “Four Metrics to Analyze When Using Ticketing Software.” Vision Helpdesk Blog, 21 Mar. 2016. Web.

    Knaflic, Cole Nussbaumer. Storytelling with Data: A Data Visualization Guide for Business Professionals. Wiley, 2015.

    Li, Ta Hsin, et al. “Incident Ticket Analytics for IT Application Management Services.” 2014 IEEE International Conference on Services Computing, 2014. Web.

    Olson, Sarah. “10 Help Desk Metrics for Service Desks and Internal Help Desks.” Zendesk Blog, Sept. 2021. Web.

    Paramesh, S.P., et al. “Classifying the Unstructured IT Service Desk Tickets Using Ensemble of Classifiers.” 2018 3rd International Conference on Computational Systems and Information Technology for Sustainable Solutions (CSITSS), 2018. Web.

    Volini, Erica, et al. “2021 Global Human Capital Trends: Special Report.” Deloitte Insights, 21 July 2021. Web.

    “What Kind of Analysis You Can Perform on a Ticket Management System.” Commence, 3 Dec. 2019. Web.

    INFO-TECH RESEARCH GROUP

    Create a Holistic IT Dashboard

    • Buy Link or Shortcode: {j2store}117|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $8,049 Average $ Saved
    • member rating average days saved: 8 Average Days Saved
    • Parent Category Name: Performance Measurement
    • Parent Category Link: /performance-measurement
    • IT leaders do not have a single holistic view of how their 45 IT processes are operating.
    • Expecting any single individual to understand the details of all 45 IT processes is unrealistic.
    • Problems in performance only become evident when the process has already failed.

    Our Advice

    Critical Insight

    • Mature your IT department by measuring what matters.
    • Don’t measure things just because you can; change what you measure as your organization matures.

    Impact and Result

    • Use Info-Tech’s IT Metrics Library to review typical KPIs for each of the 45 process areas and select those that apply to your organization.
    • Configure your IT Management Dashboard to record your selected KPIs and start to measure performance.
    • Set up the cadence for review of the KPIs and develop action plans to improve low-performing indicators.

    Create a Holistic IT Dashboard Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out how to develop your KPI program that leads to improved performance.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Choose the KPIs

    Identify the KPIs that matter to your organization’s goals.

    • Create a Holistic IT Dashboard – Phase 1: Choose the KPIs
    • IT Metrics Library

    2. Build the Dashboard

    Use the IT Management Dashboard on the Info-Tech website to display your chosen KPIs.

    • Create a Holistic IT Dashboard – Phase 2: Build the Dashboard

    3. Create the Action Plan

    Use the review of your KPIs to build an action plan to drive performance.

    • Create a Holistic IT Dashboard – Phase 3: Build the Action Plan
    [infographic]

    Workshop: Create a Holistic IT Dashboard

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Identify What to Measure (Offsite)

    The Purpose

    Determine the KPIs that matter to your organization.

    Key Benefits Achieved

    Identify organizational goals

    Identify IT goals and their organizational goal alignment

    Identify business pain points

    Activities

    1.1 Identify organizational goals.

    1.2 Identify IT goals and organizational alignment.

    1.3 Identify business pain points.

    Outputs

    List of goals and pain points to create KPIs for

    2 Configure the Dashboard Tool (Onsite)

    The Purpose

    Learn how to configure and use the IT Management Dashboard.

    Key Benefits Achieved

    Configured IT dashboard

    Initial IT scorecard report

    Activities

    2.1 Review metrics and KPI best practices.

    2.2 Use the IT Metrics Library.

    2.3 Select the KPIs for your organization.

    2.4 Use the IT Management Dashboard.

    Outputs

    Definition of KPIs to be used, data sources, and ownership

    Configured IT dashboard

    3 Review and Develop the Action Plan

    The Purpose

    Learn how to review and plan actions based on the KPIs.

    Key Benefits Achieved

    Lead KPI review to actions to improve performance

    Activities

    3.1 Create the scorecard report.

    3.2 Interpret the results of the dashboard.

    3.3 Use the IT Metrics Library to review suggested actions.

    Outputs

    Initial IT scorecard report

    Action plan with initial actions

    4 Improve Your KPIs (Onsite)

    The Purpose

    Use your KPIs to drive performance.

    Key Benefits Achieved

    Improve your metrics program to drive effectiveness

    Activities

    4.1 Develop your action plan.

    4.2 Execute the plan and tracking progress.

    4.3 Develop new KPIs as your practice matures.

    Outputs

    Understanding of how to develop new KPIs using the IT Metrics Library

    5 Next Steps and Wrap-Up (Offsite)

    The Purpose

    Ensure all documentation and plans are complete.

    Key Benefits Achieved

    Documented next steps

    Activities

    5.1 Complete IT Metrics Library documentation.

    5.2 Document decisions and next steps.

    Outputs

    IT Metrics Library

    Action plan

    Further reading

    Create a Holistic IT Dashboard

    Mature your IT department by measuring what matters.

    Executive Brief

    Analyst Perspective

    Measurement alone provides only minimal improvements

    It’s difficult for CIOs and other top-level leaders of IT to know if everything within their mandate is being managed effectively. Gaining visibility into what’s happening on the front lines without micromanaging is a challenge most top leaders face.

    Understanding Info-Tech’s Management and Governance Framework of processes that need to be managed and being able to measure what’s important to their organization's success can give leaders the ability to focus on their key responsibilities of ensuring service effectiveness, enabling increased productivity, and creating the ability for their teams to innovate.

    Even if you know what to measure, the measurement alone will lead to minimal improvements. Having the right methods in place to systematically collect, review, and act on those measurements is the differentiator to driving up the maturity of your IT organization.

    The tools in this blueprint can help you identify what to measure, how to review it, and how to create effective plans to improve performance.

    Tony Denford

    Research Director, Info-Tech Research Group

    Executive Summary

    Your Challenge

    • IT leaders do not have a single holistic view of how their IT processes are operating.
    • Expecting any single individual to understand the details of all IT processes is unrealistic.
    • Problems in performance only become evident when the process has already failed.

    Common Obstacles

    • Business changes quickly, and what should be measured changes as a result.
    • Most measures are trailing indicators showing past performance.
    • Measuring alone does not result in improved performance.
    • There are thousands of operational metrics that could be measured, but what are the right ones for an overall dashboard?

    Info-Tech's Approach

    • Use Info-Tech’s IT Metrics Library to review typical KPIs for each of the process areas and select those that apply to your organization.
    • Configure your IT Management Dashboard to record your selected KPIs and start to measure performance.
    • Set up the cadence for review of the KPIs and develop action plans to improve low-performing indicators.

    Info-Tech Insight

    Mature your IT department by aligning your measures with your organizational goals. Acting early when your KPIs deviate from the goals leads to improved performance.

    Your challenge

    This research is designed to help organizations quickly choose holistic measures, review the results, and devise action plans.

    • The sheer number of possible metrics can be overwhelming. Choose metrics from our IT Metrics Library or choose your own, but always ensure they are in alignment with your organizational goals.
    • Ensure your dashboard is balanced across all 45 process areas that a modern CIO is responsible for.
    • Finding leading indicators to allow your team to be proactive can be difficult if your team is focused on the day-to-day operational tasks.
    • It can be time consuming to figure out what to do if an indicator is underperforming.

    Build your dashboard quickly using the toolset in this research and move to improvement actions as soon as possible.

    The image is a bar graph, titled KPI-based improvements. On the X-axis are four categories, each with one bar for Before KPIs and another for After KPIs. The categories are: Productivity; Fire Incidents; Request Response Time; and Savings.

    Productivity increased by 30%

    Fire/smoke incidents decreased by 25% (high priority)

    Average work request response time reduced by 64%

    Savings of $1.6 million in the first year

    (CFI, 2013)

    Common obstacles

    These barriers make this challenge difficult to address for many organizations:

    • What should be measured can change over time as your organization matures and the business environment changes. Understanding what creates business value for your organization is critical.
    • Organizations almost always focus on past result metrics. While this is important, it will not indicate when you need to adjust something until it has already failed.
    • It’s not just about measuring. You also need to review the measures often and act on the biggest risks to your organization to drive performance.

    Don’t get overwhelmed by the number of things you can measure. It can take some trial and error to find the measures that best indicate the health of the process.

    The importance of frequent review

    35% - Only 35% of governing bodies review data at each meeting. (Committee of University Chairs, 2008)

    Common obstacles

    Analysis paralysis

    Poor data can lead to incorrect conclusions, limit analysis, and undermine confidence in the value of your dashboard.

    Achieving perfect data is extremely time consuming and may not add much value. It can also be an excuse to avoid getting started with metrics and analytics.

    Data quality is a struggle for many organizations. Consider how much uncertainty you can tolerate in your analysis and what would be required to improve your data quality to an acceptable level. Consider cost, technological resources, people resources, and time required.

    Info-Tech Insight

    Analytics are only as good as the data that informs it. Aim for just enough data quality to make informed decisions without getting into analysis paralysis.

    Common obstacles

    The problem of surrogation

    Tying KPIs and metrics to performance often leads to undesired behavior. An example of this is the now infamous Wells Fargo cross-selling scandal, in which 3.5 million credit card and savings accounts were opened without customers’ consent when the company incented sales staff to meet cross-selling targets.

    Although this is an extreme example, it’s an all-too-common phenomenon.

    A focus on the speed of closure of tickets often leads to shortcuts and lower-quality solutions.

    Tying customer value to the measures can align the team on understanding the objective rather than focusing on the measure itself, and the team will no longer be able to ignore the impact of their actions.

    Surrogation is a phenomenon in which a measure of a behavior replaces the intent of the measure itself. People focus on achieving the measure instead of the behavior the measure was intended to drive.

    Info-Tech’s thought model

    The Threefold Role of the IT Executive Core CIO Objectives
    IT Organization - Manager A - Optimize the Effectiveness of the IT Organization
    Enterprise - Partner B - Boost the Productivity of the Enterprise
    Market - Innovator C - Enable Business Growth Through Technology

    Low-Maturity Metrics Program

    Trailing indicators measure the outcomes of the activities of your organization. Hopefully, the initiatives and activities are aligned with the organizational goals.

    High-Maturity Metrics Program

    The core CIO objectives align with the organizational goals, and teams define leading indicators that show progress toward those goals. KPIs are reviewed often and adjustments are made to improve performance based on the leading indicators. The results are improved outcomes, greater transparency, and increased predictability.

    The image is a horizontal graphic with multiple text boxes. The first (on the left) is a box that reads Organizational Goals, second a second box nested within it that reads Core CIO Objectives. There is an arrow pointing from this box to the right. The arrow connects to a text box that reads Define leading indicators that show progress toward objectives. To the right of that, there is a title Initiatives & activities, with two boxes beneath it: Processes and Projects. Below this middle section, there is an arrow pointing left, with the text: Adjust behaviours. After this, there is an arrow pointing right, to a box with the title Outcomes, and the image of an unlabelled bar graph.

    Info-Tech’s approach

    Adopt an iterative approach to develop the right KPIs for your dashboard

    Periodically: As appropriate, review the effectiveness of the KPIs and adjust as needed.

    Frequently: At least once per month, but the more frequent, the more agility your organization will have.

    The image shows a series of steps in a process, each connected by an arrow. The process is iterative, so the steps circle back on themselves, and repeat. The process begins with IT Metrics Library, then Choose or build KPIs, then Build Dashboard, then Review KPIs and Create action plan. Review KPIs and Create action plan are steps that the graphic indicates should be repeated, so the arrows are arranged in a circle around these two items. Following that, there is an additional step: Are KPIs and action plans leading to improved results? After this step, we return to the Choose or build KPIs step.

    The Info-Tech difference:

    1. Quickly identify the KPIs that matter to your organization using the IT Metrics Library.
    2. Build a presentable dashboard using the IT Management Dashboard available on the Info-Tech website.
    3. When indicators show underperformance, quickly get them back on track using the suggested research in the IT Metrics Library.
    4. If your organization’s needs are different, define your own custom metrics using the same format as the IT Metrics Library.
    5. Use the action plan tool to keep track of progress

    Info-Tech’s methodology for creating a holistic IT dashboard

    1. Choose the KPIs 2. Build the Dashboard 3. Create the Action Plan
    Phase Steps
    1. Review available KPIs
    2. Select KPIs for your organization
    3. Identify data sources and owners
    1. Understand how to use the IT Management Dashboard
    2. Build and review the KPIs
    1. Prioritize low-performing indicators
    2. Review suggested actions
    3. Develop your action plan
    Phase Outcomes A defined and documented list of the KPIs that will be used to monitor each of the practice areas in your IT mandate A configured dashboard covering all the practice areas and the ability to report performance in a consistent and visible way An action plan for addressing low-performing indicators

    Insight summary

    Mature your IT department by aligning your measures with your organizational goals. Acting early when your KPIs deviate from the goals leads to improved performance.

    Don’t just measure things because you can. Change what you measure as your organization becomes more mature.

    Select what matters to your organization

    Measure things that will resolve pain points or drive you toward your goals.

    Look for indicators that show the health of the practice, not just the results.

    Review KPIs often

    Ease of use will determine the success of your metrics program, so keep it simple to create and review the indicators.

    Take action to improve performance

    If indicators are showing suboptimal performance, develop an action plan to drive the indicator in the right direction.

    Act early and often.

    Measure what your customers value

    Ensure you understand what’s valued and measure whether the value is being produced. Let front-line managers focus on tactical measures and understand how they are linked to value.

    Look for predictive measures

    Determine what action will lead to the desired result and measure if the action is being performed. It’s better to predict outcomes than react to them.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    IT Metrics Library

    Customize the KPIs for your organization using the IT Metrics Library

    IT Metrics Library Action Plan

    Keep track of the actions that are generated from your KPI review

    Key deliverable:

    IT Management Dashboard and Scorecard

    The IT Overall Scorecard gives a holistic view of the performance of each IT function

    Blueprint benefits

    IT Benefits

    • An IT dashboard can help IT departments understand how well they are performing against key indicators.
    • It can allow IT teams to demonstrate to their business partners the areas they are focusing on.
    • Regular review and action planning based on the results will lead to improved performance, efficiency, and effectiveness.
    • Create alignment of IT teams by focusing on common areas of performance.

    Business Benefits

    • Ensure alignment and transparency between the business and IT.
    • Understand the value that IT brings to the operation and strategic initiatives of your organization.
    • Understand the contribution of the IT team to achieving business outcomes.
    • Focus IT on the areas that are important to you by requesting new measures as business needs change.

    Measure the value of this blueprint

    Utilize the existing IT Metrics Library and IT Dashboard tools to quickly kick off your KPI program

    • Developing the metrics your organization should track can be very time consuming. Save approximately 120 hours of effort by choosing from the IT Metrics Library.
    • The need for a simple method to display your KPIs means either developing your own tool or buying one off the shelf. Use the IT Management Dashboard to quickly get your KPI program up and running. Using these tools will save approximately 480 hours.
    • The true value of this initiative comes from using the KPIs to drive performance.

    Keeping track of the number of actions identified and completed is a low overhead measure. Tracking time or money saved is higher overhead but also higher value.

    The image is a screen capture of the document titled Establish Baseline Metrics. It shows a table with the headings: Metric, Current, Goal.

    The image is a chart titled KPI benefits. It includes a legend indicating that blue bars are for Actions identified, purple bars are for Actions completed, and the yellow line is for Time/money saved. The graph shows Q1-Q4, indicating an increase in all areas across the quarters.

    Executive Brief Case Study

    Using data-driven decision making to drive stability and increase value

    Industry: Government Services

    Source: Info-Tech analyst experience

    Challenge

    A newly formed application support team with service desk responsibilities was becoming burned out due to the sheer volume of work landing on their desks. The team was very reactive and was providing poor service due to multiple conflicting priorities.

    To make matters worse, there was a plan to add a major new application to the team’s portfolio.

    Solution

    The team began to measure the types of work they were busy doing and then assessed the value of each type of work.

    The team then problem solved how they could reduce or eliminate their low-value workload.

    This led to tracking how many problems were being resolved and improved capabilities to problem solve effectively.

    Results

    Upon initial data collection, the team was performing 100% reactive workload. Eighteen months later slightly more than 80% of workload was proactive high-value activities.

    The team not only was able to absorb the additional workload of the new application but also identified efficiencies in their interactions with other teams that led to a 100% success rate in the change process and a 92% decrease in resource needs for major incidents.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostic and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 - Choose the KPIs

    Call #1: Scope dashboard and reporting needs.

    Call #2: Learn how to use the IT Metrics Library to select your metrics.

    Phase 2 – Build the Dashboard

    Call #3: Set up the dashboard.

    Call #4: Capture data and produce the report.

    Phase 3 – Create the Action Plan

    Call #5: Review the data and use the metrics library to determine actions.

    Call #6: Improve the KPIs you measure.

    A Guided Implementation (GI) is series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 5 and 8 calls over the course of 2 to 3 months.

    Workshop Overview

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4 Day 5
    Identify What to Measure Configure the Dashboard Tool Review and Develop the Action Plan Improve Your KPIs Compile Workshop Output
    Activities

    1.1 Identify organizational goals.

    1.2 Identify IT goals and organizational alignment.

    1.3 Identify business pain points.

    2.1 Determine metrics and KPI best practices.

    2.2 Learn how to use the IT Metrics Library.

    2.3 Select the KPIs for your organization.

    2.4 Configure the IT Management Dashboard.

    3.1 Create the scorecard report.

    3.2 Interpret the results of the dashboard.

    3.3 Use the IT Metrics Library to review suggested actions.

    4.1 Develop your action plan.

    4.2 Execute the plan and track progress.

    4.3 Develop new KPIs as your practice matures.

    5.1 Complete the IT Metrics Library documentation.

    5.2 Document decisions and next steps.

    Outcomes 1. List of goals and pain points that KPIs will measure

    1. Definition of KPIs to be used, data sources, and ownership

    2. Configured IT dashboard

    1. Initial IT scorecard report

    2. Action plan with initial actions

    1. Understanding of how to develop new KPIs using the IT Metrics Library

    1. IT Metrics Library documentation

    2. Action plan

    Phase 1

    Choose the KPIs

    Phase 1

    1.1 Review Available KPIs

    1.2 Select KPIs for Your Org.

    1.3 Identify Data Sources and Owners

    Phase 2

    2.1 Understand the IT Management Dashboard

    2.2 Build and Review the KPIs

    Phase 3

    3.1 Prioritize Low-Performing Indicators

    3.2 Review Suggested Actions

    3.3 Develop the Action Plan

    This phase will walk you through the following activities:

    Reviewing and selecting the KPIs suggested in the IT Metrics Library.

    Identifying the data source for the selected KPI and the owner responsible for data collection.

    This phase involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Step 1.1

    Review Available KPIs

    Activities

    1.1.1 Download the IT Metrics Library and review the KPIs for each practice area.

    Choose the KPIs

    Step 1.1 – Review Available KPIs

    Step 1.2 – Select KPIs for Your Org.

    Step 1.3 – Identify Data Sources and owners

    This step will walk you through the following activities:

    Downloading the IT Metrics Library

    Understanding the content of the tool

    Reviewing the intended goals for each practice area

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    Downloaded tool ready to select the KPIs for your organization

    Using the IT Metrics Library

    Match the suggested KPIs to the Management and Governance Framework

    The “Practice” and “Process” columns relate to each of the boxes on the Info-Tech Management and Governance Framework. This ensures you are measuring each area that needs to be managed by a typical IT department.

    The image shows a table on the left, and on the right, the Info-Tech Management and Governance Structure. Sections from the Practice and Process columns of the table have arrows emerging from them, pointing to matching sections in the framework.

    Using the IT Metrics Library

    Content for each entry

    KPI - The key performance indicator to review

    CSF - What needs to happen to achieve success for each goal

    Goal - The goal your organization is trying to achieve

    Owner - Who will be accountable to collect and report the data

    Data Source (typical) - Where you plan to get the data that will be used to calculate the KPI

    Baseline/Target - The baseline and target for the KPI

    Rank - Criticality of this goal to the organization's success

    Action - Suggested action if KPI is underperforming

    Blueprint - Available research to address typical underperformance of the KPI

    Practice/Process - Which practice and process the KPI represents

    1.1.1 Download the IT Metrics Library

    Input

    • IT Metrics Library

    Output

    • Ideas for which KPIs would be useful to track for each of the practice areas

    Materials

    • Whiteboard/flip charts

    Participants

    • IT senior leadership
    • Process area owners
    • Metrics program owners and administrators

    4 hours

    1. Click the link below to download the IT Metrics Library spreadsheet.
    2. Open the file and select the “Data Entry” tab.
    3. The sheet has suggested KPIs for each of the 9 practice areas and 45 processes listed in the Info-Tech Management and Governance Framework. You can identify this grouping in the “Practice” and “Process” columns.
    4. For each practice area, review the suggested KPIs and their associated goals and discuss as a team which of the KPIs would be useful to track in your organization.

    Download the IT Metrics Library

    Step 1.2

    Select KPIs for Your Organization

    Activities

    1.2.1 Select the KPIs that will drive your organization forward

    1.2.2 Remove unwanted KPIs from the IT Metrics Library

    Choose the KPIs

    Step 1.1 – Review Available KPIs

    Step 1.2 – Select KPIs for Your Org.

    Step 1.3 – Identify Data Sources and Owners

    This step will walk you through the following activities:

    • Selecting the KPIs for your organization and removing unwanted KPIs from IT Metrics Library

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    A shortlist of selected KPIs

    1.2.1 Select the KPIs that will drive your organization forward

    Input

    • IT Metrics Library

    Output

    • KPIs would be useful to track for each of the practice areas

    Materials

    • IT Metrics Library

    Participants

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    4 hours

    1. Review the suggested KPIs for each practice area and review the goal.
    2. Some suggested KPIs are similar, so make sure the goal is appropriate for your organization.
    3. Pick up to three KPIs per practice.

    1.2.2 Remove unwanted KPIs

    Input

    • IT Metrics Library

    Output

    • KPIs would be useful to track for each of the practice areas

    Materials

    • IT Metrics Library

    Participants

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    0.5 hours

    1. To remove unwanted KPIs from the IT Metric Library Tool, select the unwanted row, right-click on the row, and delete it.
    2. The result should be up to three KPIs per practice area left on the spreadsheet.

    Step 1.3

    Identify data sources and owners

    Activities

    1.3.1 Document the data source

    1.3.2 Document the owner

    1.3.3 Document baseline and target

    Choose the KPIs

    Step 1.1 – Review Available KPIs

    Step 1.2 – Select KPIs for Your Org.

    Step 1.3 – Identify Data Sources and Owners

    This step will walk you through the following activities:

    Documenting for each KPI where you plan to get the data, who is accountable to collect and report the data, what the current baseline is (if available), and what the target is

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    A list of KPIs for your organization with appropriate attributes documented

    1.3 Identify data sources, owners, baseline, and target

    Input

    • IT Metrics Library

    Output

    • Completed IT Metrics Library

    Materials

    • IT Metrics Library

    Participants

    • Process area owners
    • Metrics program owners and administrators

    2 hours

    1. For each selected KPI, complete the owner, data source, baseline, and target if the information is available.
    2. If the information is not available, document the owner and assign them to complete the other columns.

    Phase 2

    Build the Dashboard

    Phase 1

    1.1 Review Available KPIs

    1.2 Select KPIs for Your Org.

    1.3 Identify Data Sources and Owners

    Phase 2

    2.1 Understand the IT Management Dashboard

    2.2 Build and Review the KPIs

    Phase 3

    3.1 Prioritize Low-Performing Indicators

    3.2 Review Suggested Actions

    3.3 Develop the Action Plan

    This phase will walk you through the following activities:

    Understanding the IT Management Dashboard

    Configuring the IT Management Dashboard and entering initial measures

    Produce thing IT Scorecard from the IT Management Dashboard

    Interpreting the results

    This phase involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Step 2.1

    Understand the IT Management Dashboard

    Activities

    2.1.1 Logging into the IT Management Dashboard

    2.1.2 Understanding the “Overall Scorecard” tab

    2.1.3 Understanding the “My Metrics” tab

    Build the Dashboard

    Step 2.1 – Understand the IT Management Dashboard

    Step 2.2 – Build and review the KPIs

    This step will walk you through the following activities:

    Accessing the IT Management Dashboard

    Basic functionality of the tool

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    Understanding of how to administer the IT Management Dashboard

    2.1.1 Logging into the IT Management Dashboard

    Input

    • Info-Tech membership

    Output

    • Access to the IT Management Dashboard

    Materials

    • Web browser

    Participants

    • Metrics program owners and administrators

    0.5 hours

    1. Using your web browser, access your membership at infotech.com.
    2. Log into your Info-Tech membership account.
    3. Select the “My IT Dashboard” option from the menu (circled in red).
    4. If you cannot gain access to the tool, contact your membership rep.

    The image is a screen capture of the Info-Tech website, with the Login button at the top right of the window circled in red.

    2.1.2 Understanding the “Overall Scorecard” tab

    0.5 hours

    1. Once you select “My IT Dashboard,” you will be in the “Overall Scorecard” tab view.
    2. Scrolling down reveals the data entry form for each of the nine practice areas in the Info-Tech Management and Governance Framework, with each section color-coded for easy identification.
    3. Each of the section headers, KPI names, data sources, and data values can be updated to fit the needs of your organization.
    4. This view is designed to show a holistic view of all areas in IT that are being managed.

    2.1.3 Understanding the “My Metrics” tab

    0.5 hours

    1. On the “My Metrics” tab you can access individual scorecards for each of the nine practice areas.
    2. Below the “My Metrics” tab is each of the nine practice areas for you to select from. Each shows a different subset of KPIs specific to the practice.
    3. The functionality of this view is the same as the overall scorecard. Each title, KPI, description, and actuals are editable to fit your organization’s needs.
    4. This blueprint does not go into detail on this tab, but it is available to be used by practice area leaders in the same way as the overall scorecard.

    Step 2.2

    Build and review the KPIs

    Activities

    2.2.1 Entering the KPI descriptions

    2.2.2 Entering the KPI actuals

    2.2.3 Producing the IT Overall Scorecard

    Build the Dashboard

    Step 2.1 – Understand the IT Management Dashboard

    Step 2.2 – Build and review the KPIs

    This step will walk you through the following activities:

    Entering the KPI descriptions

    Entering the actuals for each KPI

    Producing the IT Overall Scorecard

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    An overall scorecard indicating the selected KPI performance

    2.2.1 Entering the KPI descriptions

    Input

    • Access to the IT Management Dashboard
    • IT Metrics Library with your organization’s KPIs selected

    Output

    • KPI descriptions entered into tool

    Materials

    • Web browser

    Participants

    • Metrics program owners and administrators

    1 hour

    1. Navigate to the IT Management Dashboard as described in section 2.1.1 and scroll down to the practice area you wish to complete.
    2. If needed, modify the section name to match your organization’s needs.
    3. Select “Add another score.”

    2.2.1 Entering the KPI descriptions

    1 hour

    1. Select if your metric is a custom metric or a standard metric available from one of the Info-Tech diagnostic tools.
    2. Enter the metric name you selected from the IT Metrics Library.
    3. Select the value type.
    4. Select the “Add Metric” button.
    5. The descriptions only need to be entered when they change.

    Example of a custom metric

    The image is a screen capture of the Add New Metric function. The metric type selected is Custom metric, and the metric name is Employee Engagement. There is a green Add Metric button, which is circled in red.

    Example of a standard metric

    The image is a screen capture of the Add New Metric function. The metric type selected is Standard Metric. The green Add Metric button at the bottom is circled in red.

    2.2.2 Entering the KPI actuals

    Input

    • Actual data from each data source identified

    Output

    • Actuals recorded in tool

    Materials

    • Web browser

    Participants

    • Metrics program owners and administrators

    1 hour

    1. Select the period you wish to create a scorecard for by selecting “Add New Period” or choosing one from the drop-down list.
    2. For each KPI on your dashboard, collect the data from the data source and enter the actuals.
    3. Select the check mark (circled) to save the data for the period.

    The image is a screen capture of the My Overall Scorecard Metrics section, with a button at the bottom that reads Add New Period circled in red

    The image has the text People and Resources at the top. It shows data for the KPI, and there is a check mark circled in red.

    2.2.3 Producing the IT Overall Scorecard

    Input

    • Completed IT Overall Scorecard data collection

    Output

    • IT Overall Scorecard

    Materials

    • Web browser

    Participants

    • Metrics program owners and administrators

    0.5 hours

    1. Select the period you wish to create a scorecard for by selecting from the drop-down list.
    2. Click the “Download as PDF” button to produce the scorecard.
    3. Once the PDF is produced it is ready for review or distribution.

    Phase 3

    Create the Action Plan

    Phase 1

    1.1 Review Available KPIs

    1.2 Select KPIs for Your Org.

    1.3 Identify Data Sources and Owners

    Phase 2

    2.1 Understand the IT Management Dashboard

    2.2 Build and Review the KPIs

    Phase 3

    3.1 Prioritize Low-Performing Indicators

    3.2 Review Suggested Actions

    3.3 Develop the Action Plan

    This phase will walk you through the following activities:

    Prioritizing low-performing indicators

    Using the IT Metrics Library to review suggested actions

    Developing your team’s action plan to improve performance

    This phase involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Step 3.1

    Prioritize low-performing indicators

    Activities

    3.1.1 Determine criteria for prioritization

    3.1.2 Identify low-performing indicators

    3.1.3 Prioritize low-performing indicators

    Create the action plan

    Step 3.1 – Prioritize low-performing indicators

    Step 3.2 – Review suggested actions

    Step 3.3 – Develop the action plan

    This step will walk you through the following activities:

    Determining the criteria for prioritization of low-performing indicators

    Identifying low-performing indicators

    Prioritizing the low-performing indicators

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    A prioritized list of low-performing indicators that need remediation

    3.1.1 Determine criteria for prioritization

    Often when metrics programs are established, there are multiple KPIs that are not performing at the desired level. It’s easy to expect the team to fix all the low-performing indicators, but often teams are stretched and have conflicting priorities.

    Therefore it’s important to spend some time to prioritize which of your indicators are most critical to the success of your business.

    Also consider, if one area is performing well and others have multiple poor indicators, how do you give the right support to optimize the results?

    Lastly, is it better to score slightly lower on multiple measures or perfect on most but failing badly on one or two?

    3.1.1 Determine criteria for prioritization

    Input

    • Business goals and objectives
    • IT goals and objectives
    • IT organizational structure

    Output

    • Documented scorecard remediation prioritization criteria

    Materials

    • Whiteboard or flip charts

    Participants

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    1 hour

    1. Identify any KPIs that are critical and cannot fail without high impact to your organization.
    2. Identify any KPIs that cannot fail for an extended period and document the time period.
    3. Rank the KPIs from most critical to least critical in the IT Metrics Library.
    4. Look at the owner accountable for the performance of each KPI. If there are any large groups, reassess the ownership or rank.
    5. Periodically review the criteria to see if they’re aligned with meeting current business goals.

    3.1.2 Identify low-performing indicators

    Input

    • Overall scorecard
    • Overall scorecard (previous period)
    • IT Metrics Library

    Output

    • List of low-performing indicators that need remediation
    • Planned actions to improve performance

    Materials

    • Whiteboard or flip charts

    Participants

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    1 hour

    1. Review the overall scorecard for the current period. List any KPIs that are not meeting the target for the current month in the “Action Plan” tab of the IT Metrics Library.
    2. Compare current month to previous month. List any KPIs that are moving away from the long-term target documented in the tool IT Metrics Library.
    3. Revise the target in the IT Metrics Library as business needs change.

    3.1.3 Prioritize low-performing indicators

    Input

    • IT Metrics Library

    Output

    • Prioritized list of planned actions for low-performing indicators

    Materials

    • IT Metrics Library

    Participants

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators
    • Task owners

    1 hour

    1. Look through the list of new and outstanding planned actions in the “Action Plan” tab of the IT Metrics Library, review progress, and prioritize outstanding items.
    2. Compare the list that needs remediation with the rank in the data entry tab.
    3. Adjust the priority of the outstanding and new actions to reflect the business needs.

    Step 3.2

    Review suggested actions

    Activities

    3.2.1 Review suggested actions in the IT Metrics Library

    Create the Action Plan

    Step 3.1 – Prioritize low-performing indicators

    Step 3.2 – Review suggested actions

    Step 3.3 – Develop the action plan

    This step will walk you through the following activities:

    Reviewing the suggested actions in the IT Metrics Library

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    An idea of possible suggested actions

    Take Action

    Knowing where you are underperforming is only half the battle. You need to act!

    • So far you have identified which indicators will tell you whether or not your team is performing and which indicators are most critical to your business success.
    • Knowing is the first step, but things will not improve without some kind of action.
    • Sometimes the action needed to course-correct is small and simple, but sometimes it is complicated and may take a long time.
    • Utilize the diverse ideas of your team to find solutions to underperforming indicators.
    • If you don’t have a viable simple solution, leverage the IT Metrics Library, which suggests high-level action needed to improve each indicator. If you need additional information, use your Info-Tech membership to review the recommended research.

    3.2.1 Review suggested actions in the IT Metrics Library

    Input

    • IT Metrics Library

    Output

    • Suggested actions

    Materials

    • IT Metrics Library

    Participants

    • Process area owners
    • Metrics program owners and administrators
    • Task owners

    0.5 hours

    1. For each of your low-performing indicators, review the suggested action and related research in the IT Metrics Library.

    Step 3.3

    Develop the action plan

    Activities

    3.3.1 Document planned actions

    3.3.2 Assign ownership of actions

    3.3.3 Determine timeline of actions

    3.3.4 Review past action status

    Create the action plan

    Step 3.1 – Prioritize low- performing indicators

    Step 3.2 – Review suggested actions

    Step 3.3 – Develop the action plan

    This step will walk you through the following activities:

    Using the action plan tool to document the expected actions for low-performing indicators

    Assigning an owner and expected due date for the action

    Reviewing past action status for accountability

    This step involves the following participants:

    • Senior IT leadership
    • Process area owners
    • Metrics program owners and administrators

    Outcomes of this step

    An action plan to invoke improved performance

    3.3.1 Document planned actions

    Input

    • IT Metrics Library

    Output

    • Planned actions

    Materials

    • IT Metrics Library

    Participants

    • Process area owners
    • Metrics program owners and administrators
    • Task owners

    1 hour

    1. Decide on the action you plan to take to bring the indicator in line with expected performance and document the planned action in the “Action Plan” tab of the IT Metrics Library.

    Info-Tech Insight

    For larger initiatives try to break the task down to what is likely manageable before the next review. Seeing progress can motivate continued action.

    3.3.2 Assign ownership of actions

    Input

    • IT Metrics Library

    Output

    • Identified owners for each action

    Materials

    • IT Metrics Library

    Participants

    • Process area owners
    • Metrics program owners and administrators
    • Task owners

    0.5 hours

    1. For each unassigned task, assign clear ownership for completion of the task.
    2. The task owner should be the person accountable for the task.

    Info-Tech Insight

    Assigning clear ownership can promote accountability for progress.

    3.3.3 Determine timeline of actions

    Input

    • IT Metrics Library

    Output

    • Expected timeline for each action

    Materials

    • IT Metrics Library

    Participants

    • Process area owners
    • Metrics program owners and administrators
    • Task owners

    0.5 hours

    1. For each task, agree on an estimated target date for completion.

    Info-Tech Insight

    If the target completion date is too far in the future, break the task into manageable chunks.

    3.3.4 Review past action status

    Input

    • IT Metrics Library

    Output

    • Complete action plan for increased performance

    Materials

    • IT Metrics Library

    Participants

    • Process area owners
    • Metrics program owners and administrators
    • Task owners

    0.5 hours

    1. For each task, review the progress since last review.
    2. If desired progress is not being made, adjust your plan based on your organizational constraints.

    Info-Tech Insight

    Seek to understand the reasons that tasks are not being completed and problem solve for creative solutions to improve performance.

    Measure the value of your KPI program

    KPIs only produce value if they lead to action

    • Tracking the performance of key indicators is the first step, but value only comes from taking action based on this information.
    • Keep track of the number of action items that come out of your KPI review and how many are completed.
    • If possible, keep track of the time or money saved through completing the action items.

    Keeping track of the number of actions identified and completed is a low overhead measure.

    Tracking time or money saved is higher overhead but also higher value.

    The image is a chart titled KPI benefits. It includes a legend indicating that blue bars are for Actions identified, purple bars are for Actions completed, and the yellow line is for Time/money saved. The graph shows Q1-Q4, indicating an increase in all areas across the quarters.

    Establish Baseline Metrics

    Baseline metrics will be improved through:

    1. Identifying actions needed to remediate poor-performing KPIs
    2. Associating time and/or money savings as a result of actions taken
    Metric Current Goal
    Number of actions identified per month as a result of KPI review 0 TBD
    $ saved through actions taken due to KPI review 0 TBD
    Time saved through actions taken due to KPI review 0 TBD

    Summary of Accomplishment

    Problem Solved

    Through this project we have identified typical key performance indicators that are important to your organization’s effective management of IT.

    You’ve populated the IT Management Dashboard as a simple method to display the results of your selected KPIs.

    You’ve also established a regular review process for your KPIs and have a method to track the actions that are needed to improve performance as a result of the KPI review. This should allow you to hold individuals accountable for improvement efforts.

    You can also measure the effectiveness of your KPI program by tracking how many actions are identified as a result of the review. Ideally you can also track the money and time savings.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com

    1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    To accelerate this project, engage your IT team in an Info-Tech Workshop with an Info-Tech analyst team.

    Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Select the KPIs for your organization

    Examine the benefits of the KPIs suggested in the IT Metrics Library and help selecting those that will drive performance for your maturity level.

    Build an action plan

    Discuss options for identifying and executing actions that result from your KPI review. Determine how to set up the discipline needed to make the most of your KPI review program.

    Research Contributors and Experts

    Valence Howden

    Principal Research Director, CIO – Service Management Info-Tech Research Group

    • Valence has extensive experience in helping organizations be successful through optimizing how they govern themselves, how they design and execute strategies, and how they drive service excellence in all work.

    Tracy-Lynn Reid

    Practice Lead, CIO – People & Leadership Info-Tech Research Group

    • Tracy-Lynn covers key topics related to People & Leadership within an information technology context.

    Fred Chagnon

    Practice Lead, Infrastructure & Operations Info-Tech Research Group

    • Fred brings extensive practical experience in all aspects of enterprise IT Infrastructure, including IP networks, server hardware, operating systems, storage, databases, middleware, virtualization and security.

    Aaron Shum

    Practice Lead, Security, Risk & Compliance Info-Tech Research Group

    • With 20+ years of experience across IT, InfoSec, and Data Privacy, Aaron currently specializes in helping organizations implement comprehensive information security and cybersecurity programs as well as comply with data privacy regulations.

    Cole Cioran

    Practice Lead, Applications and Agile Development Info-Tech Research Group

    • Over the past twenty-five years, Cole has developed software; designed data, infrastructure, and software solutions; defined systems and enterprise architectures; delivered enterprise-wide programs; and managed software development, infrastructure, and business systems analysis practices.

    Barry Cousins

    Practice Lead, Applications – Project and Portfolio Mgmt. Info-Tech Research Group

    • Barry specializes in Project Portfolio Management, Help/Service Desk, and Telephony/Unified Communications. He brings an extensive background in technology, IT management, and business leadership.

    Jack Hakimian

    Vice President, Applications Info-Tech Research Group

    • Jack has close to 25 years of Technology and Management Consulting experience. He has served multi-billion-dollar organizations in multiple industries, including Financial Services and Telecommunications. Jack also served several large public sector institutions.

    Vivek Mehta

    Research Director, CIO Info-Tech Research Group

    • Vivek publishes on topics related to digital transformation and innovation. He is the author of research on Design a Customer-Centric Digital Operating Model and Create Your Digital Strategy as well as numerous keynotes and articles on digital transformation.

    Carlos Sanchez

    Practice Lead, Enterprise Applications Info-Tech Research Group

    • Carlos has a breadth of knowledge in enterprise applications strategy, planning, and execution.

    Andy Neill

    Practice Lead, Enterprise Architecture, Data & BI Info-Tech Research Group

    • Andy has extensive experience in managing technical teams, information architecture, data modeling, and enterprise data strategy.

    Michael Fahey

    Executive Counselor Info-Tech Research Group

    • As an Executive Counselor, Mike applies his decades of business experience and leadership, along with Info-Tech Research Group’s resources, to assist CIOs in delivering outstanding business results.

    Related Info-Tech Research

    Develop Meaningful Service Metrics to Ensure Business and User Satisfaction

    • Reinforce service orientation in your IT organization by ensuring your IT metrics generate value-driven resource behavior.

    Use Applications Metrics That Matter

    • It all starts with quality and customer satisfaction.

    Take Control of Infrastructure Metrics

    • Master the metrics maze to help make decisions, manage costs, and plan for change.

    Bibliography

    Bach, Nancy. “How Often Should You Measure Your Organization's KPIs?” EON, 26 June 2018. Accessed Jan. 2020.

    “The Benefits of Tracking KPIs – Both Individually and for a Team.” Hoopla, 30 Jan. 2017. Accessed Jan. 2020.

    Chepul, Tiffany. “Top 22 KPI Examples for Technology Companies.” Rhythm Systems, Jan. 2020. Accessed Jan. 2020.

    Cooper, Larry. “CSF's, KPI's, Metrics, Outcomes and Benefits” itSM Solutions. 5 Feb. 2010. Accessed Jan 2020.

    “CUC Report on the implementation of Key Performance Indicators: case study experience.” Committee of University Chairs, June 2008. Accessed Jan 2020.

    Harris, Michael, and Bill Tayler. “Don’t Let Metrics Undermine Your Business.” HBR, Sep.–Oct 2019. Accessed Jan. 2020.

    Hatari, Tim. “The Importance of a Strong KPI Dashboard.” TMD Coaching. 27 Dec. 2018. Accessed Jan. 2020.

    Roy, Mayu, and Marian Carter. “The Right KPIs, Metrics for High-performing, Cost-saving Space Management.” CFI, 2013. Accessed Jan 2020.

    Schrage, Michael, and David Kiron. “Leading With Next-Generation Key Performance Indicators.” MIT Sloan Management Review, 26 June 2018. Accessed Jan. 2020.

    Setijono, Djoko, and Jens J. Dahlgaard. “Customer value as a key performance indicator (KPI) and a key improvement indicator (KII)” Emerald Insight, 5 June 2007. Accessed Jan 2020.

    Skinner, Ted. “Balanced Scorecard KPI Examples: Comprehensive List of 183 KPI Examples for a Balanced Scorecard KPI Dashboard (Updated for 2020).” Rhythm Systems, Jan. 2020. Accessed Jan 2020.

    Wishart, Jessica. “5 Reasons Why You Need The Right KPIs in 2020” Rhythm Systems, 1 Feb. 2020. Accessed Jan. 2020.

    Establish Data Governance – APAC Edition

    • Buy Link or Shortcode: {j2store}348|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $172,999 Average $ Saved
    • member rating average days saved: 63 Average Days Saved
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management
    • Organisations are faced with challenges associated with changing data landscapes, evolving business models, industry disruptions, regulatory and compliance obligations, and changing and maturing user landscapes and demands for data.
    • Although the need for a data governance program is often evident, organisations miss the mark when their data governance efforts are not directly aligned to delivering measurable business value by supporting key strategic initiatives, value streams, and their underlying business capabilities.

    Our Advice

    Critical Insight

    • Your organisation’s value streams and the associated business capabilities require effectively governed data. Without this, you face the impact of elevated operational costs, missed opportunities, eroded stakeholder satisfaction, and exposure to increased business risk.
    • Ensure your data governance program delivers measurable business value by aligning the associated data governance initiatives with the business architecture.
    • Data governance must continuously align with the organisation’s enterprise governance function. It should not be perceived as an IT pet project, but rather as a business-driven initiative.

    Impact and Result

    Info-Tech’s approach to establishing and sustaining effective data governance is anchored in the strong alignment of organisational value streams and their business capabilities with key data governance dimensions and initiatives.

    • Align with enterprise governance, business strategy and organizational value streams to ensure the program delivers measurable business value.
    • Understand your current data governance capabilities and build out a future state that is right sized and relevant.
    • Define data governance leadership, accountability, and responsibility, supported by an operating model that effectively manages change and communication and fosters a culture of data excellence.

    Establish Data Governance – APAC Edition Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Data Governance Research – A step-by-step document to ensure that the people handling the data are involved in the decisions surrounding data usage, data quality, business processes, and change implementation.

    Data governance is a strategic program that will help your organisation control data by managing the people, processes, and information technology needed to ensure that accurate and consistent data policies exist across varying lines of the business, enabling data-driven insight. This research will provide an overview of data governance and its importance to your organization, assist in making the case and securing buy-in for data governance, identify data governance best practices and the challenges associated with them, and provide guidance on how to implement data governance best practices for a successful launch.

    • Establish Data Governance – Phases 1-3 – APAC

    2. Data Governance Planning and Roadmapping Workbook – A structured tool to assist with establishing effective data governance practices.

    This workbook will help your organisation understand the business and user context by leveraging your business capability map and value streams, developing data use cases using Info-Tech's framework for building data use cases, and gauging the current state of your organisation's data culture.

    • Data Governance Planning and Roadmapping Workbook – APAC

    3. Data Use Case Framework Template – An exemplar template to highlight and create relevant use cases around the organisation’s data-related problems and opportunities.

    This business needs gathering activity will highlight and create relevant use cases around data-related problems or opportunities that are clear and contained and, if addressed, will deliver value to the organisation. This template provides a framework for data requirements and a mapping methodology for creating use cases.

    • Data Use Case Framework Template – APAC

    4. Data Governance Initiative Planning and Roadmap Tool – A visual roadmapping tool to assist with establishing effective data governance practices.

    This tool will help your organisation plan the sequence of activities, capture start dates and expected completion dates, and create a roadmap that can be effectively communicated to the organisation.

    • Data Governance Initiative Planning and Roadmap Tool – APAC

    5. Business Data Catalogue – A comprehensive template to help you to document the key data assets that are to be governed based on in-depth business unit interviews, data risk/value assessments, and a data flow diagram for the organisation.

    Use this template to document information about key data assets such as data definition, source system, possible values, data sensitivity, data steward, and usage of the data.

    • Business Data Catalogue – APAC

    6. Data Governance Program Charter Template – A program charter template to sell the importance of data governance to senior executives.

    This template will help get the backing required to get a data governance project rolling. The program charter will help communicate the project purpose, define the scope, and identify the project team, roles, and responsibilities.

    • Data Governance Program Charter Template – APAC

    7. Data Policies – A set of policy templates to support the data governance framework for the organisation.

    This set of policies supports the organisation's use and management of data to ensure that it efficiently and effectively serves the needs of the organisation.

    • Data Governance Policy – APAC
    • Data Classification Policy, Standard, and Procedure – APAC
    • Data Quality Policy, Standard, and Procedure – APAC
    • Data Management Definitions – APAC
    • Metadata Management Policy, Standard, and Procedure – APAC
    • Data Retention Policy and Procedure – APAC
    [infographic]

    Workshop: Establish Data Governance – APAC Edition

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Establish Business Context and Value

    The Purpose

    Identify key business data assets that need to be governed.

    Create a unifying vision for the data governance program.

    Key Benefits Achieved

    Understand the value of data governance and how it can help the organisation better leverage its data.

    Gain knowledge of how data governance can benefit both IT and the business.

    Activities

    1.1 Establish business context, value, and scope of data governance at the organisation.

    1.2 Introduction to Info-Tech’s data governance framework.

    1.3 Discuss vision and mission for data governance.

    1.4 Understand your business architecture, including your business capability map and value streams.

    1.5 Build use cases aligned to core business capabilities.

    Outputs

    Sample use cases (tied to the business capability map) and a repeatable use case framework

    Vision and mission for data governance

    2 Understand Current Data Governance Capabilities and Plot Target-State Levels

    The Purpose

    Assess which data contains value and/or risk and determine metrics that will determine how valuable the data is to the organisation.

    Assess where the organisation currently stands in data governance initiatives.

    Determine gaps between the current and future states of the data governance program.

    Key Benefits Achieved

    Gain a holistic understanding of organisational data and how it flows through business units and systems.

    Identify which data should fall under the governance umbrella.

    Determine a practical starting point for the program.

    Activities

    2.1 Understand your current data governance capabilities and maturity.

    2.2 Set target-state data governance capabilities.

    Outputs

    Current state of data governance maturity

    Definition of target state

    3 Build Data Domain to Data Governance Role Mapping

    The Purpose

    Determine strategic initiatives and create a roadmap outlining key steps required to get the organisation to start enabling data-driven insights.

    Determine timing of the initiatives.

    Key Benefits Achieved

    Establish clear direction for the data governance program.

    Step-by-step outline of how to create effective data governance, with true business-IT collaboration.

    Activities

    3.1 Evaluate and prioritise performance gaps.

    3.2 Develop and consolidate data governance target-state initiatives.

    3.3 Define the role of data governance: data domain to data governance role mapping.

    Outputs

    Target-state data governance initiatives

    Data domain to data governance role mapping

    4 Formulate a Plan to Get to Your Target State

    The Purpose

    Consolidate the roadmap and other strategies to determine the plan of action from day one.

    Create the required policies, procedures, and positions for data governance to be sustainable and effective.

    Key Benefits Achieved

    Prioritised initiatives with dependencies mapped out.

    A clearly communicated plan for data governance that will have full business backing.

    Activities

    4.1 Identify and prioritise next steps.

    4.2 Define roles and responsibilities and complete a high-level RACI.

    4.3 Wrap-up and discuss next steps and post-workshop support.

    Outputs

    Initialised roadmap

    Initialised RACI

    Further reading

    Establish Data Governance

    Deliver measurable business value.

    Analyst Perspective

    Establish a data governance program that brings value to your organisation.

    Picture of analyst

    Data governance does not sit as an island on its own in the organisation – it must align with and be driven by your enterprise governance. As you build out data governance in your organisation, it's important to keep in mind that this program is meant to be an enabling framework of oversight and accountabilities for managing, handling, and protecting your company's data assets. It should never be perceived as bureaucratic or inhibiting to your data users. It should deliver agreed-upon models that are conducive to your organisation's operating culture, offering clarity on who can do what with the data and via what means. Data governance is the key enabler for bringing high-quality, trusted, secure, and discoverable data to the right users across your organisation. Promote and drive the responsible and ethical use of data while helping to build and foster an organisational culture of data excellence.

    Crystal Singh

    Director, Research & Advisory, Data & Analytics Practice

    Info-Tech Research Group

    Executive Summary

    Your Challenge

    The amount of data within organisations is growing at an exponential rate, creating a need to adopt a formal approach to governing data. However, many organisations remain uninformed on how to effectively govern their data. Comprehensive data governance should define leadership, accountability, and responsibility related to data use and handling and be supported by a well-oiled operating model and relevant policies and procedures. This will help ensure the right data gets to the right people at the right time, using the right mechanisms.

    Common Obstacles

    Organisations are faced with challenges associated with changing data landscapes, evolving business models, industry disruptions, regulatory and compliance obligations, and changing and maturing user landscape and demand for data. Although the need for a data governance program is often evident, organisations miss the mark when their data governance efforts are not directly aligned to delivering measurable business value. Initiatives should support key strategic initiatives, as well as value streams and their underlying business capabilities.

    Info-Tech's Approach

    Info-Tech's approach to establishing and sustaining effective data governance is anchored in the strong alignment of organisational value streams and their business capabilities with key data governance dimensions and initiatives. Organisations should:

    • Align their data governance with enterprise governance, business strategy and value streams to ensure the program delivers measurable business value.
    • Understand their current data governance capabilities so as to build out a future state that is right-sized and relevant.
    • Define data leadership, accountability, and responsibility. Support these with an operating model that effectively manages change and communication and fosters a culture of data excellence.

    Info-Tech Insight

    Your organisation's value streams and the associated business capabilities require effectively governed data. Without this, you face elevated operating costs, missed opportunities, eroded stakeholder satisfaction, and increased business risk.

    Your challenge

    This research is designed to help organisations build and sustain an effective data governance program.

    • Your organisation has recognised the need to treat data as a corporate asset for generating business value and/or managing and mitigating risk.
    • This has brought data governance to the forefront and highlighted the need to build a performance-driven enterprise program for delivering quality, trusted, and readily consumable data to users.
    • An effective data governance program is one that defines leadership, accountability. and responsibility related to data use and handling. It's supported by a well-oiled operating model and relevant policies and procedures, all of which help build and foster a culture of data excellence where the right users get access to the right data at the right time via the right mechanisms.

    As you embark on establishing data governance in your organisation, it's vital to ensure from the get-go that you define the drivers and business context for the program. Data governance should never be attempted without direction on how the program will yield measurable business value.

    'Data processing and cleanup can consume more than half of an analytics team's time, including that of highly paid data scientists, which limits scalability and frustrates employees.' – Petzold, et al., 2020

    Image is a circle graph and 30% of it is coloured with the number 30% in the middle of the graph

    'The productivity of employees across the organisation can suffer.' – Petzold, et al., 2020

    Respondents to McKinsey's 2019 Global Data Transformation Survey reported that an average of 30% of their total enterprise time was spent on non-value-added tasks because of poor data quality and availability. – Petzold, et al., 2020

    Common obstacles

    Some of the barriers that make data governance difficult to address for many organisations include:

    • Gaps in communicating the strategic value of data and data governance to the organisation. This is vital for securing senior leadership buy-in and support, which, in turn, is crucial for sustained success of the data governance program.
    • Misinterpretation or a lack of understanding about data governance, including what it means for the organisation and the individual data user.
    • A perception that data governance is inhibiting or an added layer of bureaucracy or complication rather than an enabling and empowering framework for stakeholders in their use and handling of data.
    • Embarking on data governance without firmly substantiating and understanding the organisational drivers for doing so. How is data governance going to support the organisation's value streams and their various business capabilities?
    • Neglecting to define and measure success and performance. Just as in any other enterprise initiative, you have to be able to demonstrate an ROI for time, resources and funding. These metrics must demonstrate the measurable business value that data governance brings to the organisation.
    • Failure to align data governance with enterprise governance.
    Image is a circle graph and 78% of it is coloured with the number 78% in the middle of the graph

    78% of companies (and 92% of top-tier companies) have a corporate initiative to become more data-driven. – Alation, 2020.

    Image is a circle graph and 58% of it is coloured with the number 58% in the middle of the graph

    But despite these ambitions, there appears to be a 'data culture disconnect' – 58% of leaders overestimate the current data culture of their enterprises, giving a grade higher than the one produced by the study. – Fregoni, 2020.

    The strategic value of data

    Power intelligent and transformative organisational performance through leveraging data.

    Respond to industry disruptors

    Optimise the way you serve your stakeholders and customers

    Develop products and services to meet ever-evolving needs

    Manage operations and mitigate risk

    Harness the value of your data

    The journey to being data-driven

    The journey to declaring that you are a data-driven organisation requires a pit stop at data enablement.

    The Data Economy

    Data Disengaged

    You have a low appetite for data and rarely use data for decision making.

    Data Enabled

    Technology, data architecture, and people and processes are optimised and supported by data governance.

    Data Driven

    You are differentiating and competing on data and analytics; described as a 'data first' organisation. You're collaborating through data. Data is an asset.

    Data governance is essential for any organisation that makes decisions about how it uses its data.

    Data governance is an enabling framework of decision rights, responsibilities, and accountabilities for data assets across the enterprise.

    Data governance is:

    • Executed according to agreed-upon models that describe who can take what actions with what information, when, and using what methods (Olavsrud, 2021).
    • True business-IT collaboration that will lead to increased consistency and confidence in data to support decision making. This, in turn, helps fuel innovation and growth.

    If done correctly, data governance is not:

    • An annoying, finger-waving roadblock in the way of getting things done.
    • Meant to solve all data-related business or IT problems in an organisation.
    • An inhibitor or impediment to using and sharing data.

    Info-Tech's Data Governance Framework

    An image of Info-Tech's Data Governance Framework

    Create impactful data governance by embedding it within enterprise governance

    A model is depicted to show the relationship between enterprise governance and data governance.

    Organisational drivers for data governance

    Data governance personas:

    Conformance: Establishing data governance to meet regulations and compliance requirements.

    Performance: Establishing data governance to fuel data-driven decision making for driving business value and managing and mitigating business risk.

    Two images are depicted that show the difference between conformance and performance.

    Data Governance is not a one-person show

    • Data governance needs a leader and a home. Define who is going to be leading, driving, and steering data governance in your organisation.
    • Senior executive leaders play a crucial role in championing and bringing visibility to the value of data and data governance. This is vital for building and fostering a culture of data excellence.
    • Effective data governance comes with business and IT alignment, collaboration, and formally defined roles around data leadership, ownership, and stewardship.
    Four circles are depicted. There is one person in the circle on the left and is labelled: Data Governance Leadership. The circle beside it has two people in it and labelled: Organisational Champions. The circle beside it has three people in it and labelled: Data Owners, Stewards & Custodians. The last circle has four people in it and labelled: The Organisation & Data Storytellers.

    Traditional data governance organisational structure

    A traditional structure includes committees and roles that span across strategic, tactical, and operational duties. There is no one-size-fits-all data governance structure. However, most organisations follow a similar pattern when establishing committees, councils, and cross-functional groups. Most organisations strive to identify roles and responsibilities at a strategic and operational level. Several factors will influence the structure of the program, such as the focus of the data governance project and the maturity and size of the organisation.

    A triangular model is depicted and is split into three tiers to show the traditional data governance organisational structure.

    A healthy data culture is key to amplifying the power of your data.

    'Albert Einstein is said to have remarked, "The world cannot be changed without changing our thinking." What is clear is that the greatest barrier to data success today is business culture, not lagging technology.' – Randy Bean, 2020

    What does it look like?

    • Everybody knows the data.
    • Everybody trusts the data.
    • Everybody talks about the data.

    'It is not enough for companies to embrace modern data architectures, agile methodologies, and integrated business-data teams, or to establish centres of excellence to accelerate data initiatives, when only about 1 in 4 executives reported that their organisation has successfully forged a data culture.'– Randy Bean, 2020

    Data literacy is an essential part of a data-driven culture

    • In a data-driven culture, decisions are made based on data evidence, not on gut instinct.
    • Data often has untapped potential. A data-driven culture builds tools and skills, builds users' trust in the condition and sources of data, and raises the data skills and understanding among their people on the front lines.
    • Building a data culture takes an ongoing investment of time, effort, and money. This investment will not achieve the transformation you want without data literacy at the grassroots level.

    Data-driven culture = 'data matters to our company'

    Despite investments in data initiative, organisations are carrying high levels of data debt

    Data debt is 'the accumulated cost that is associated with the sub-optimal governance of data assets in an enterprise, like technical debt.'

    Data debt is a problem for 78% of organisations.

    40% of organisations say individuals within the business do not trust data insights.

    66% of organisations say a backlog of data debt is impacting new data management initiatives.

    33% of organisations are not able to get value from a new system or technology investment.

    30% of organisations are unable to become data-driven.

    Source: Experian, 2020

    Absent or sub-optimal data governance leads to data debt

    Only 3% of companies' data meets basic quality standards. (Source: Nagle, et al., 2017)

    Organisations suspect 28% of their customer and prospect data is inaccurate in some way. (Source: Experian, 2020)

    Only 51% of organisations consider the current state of their CRM or ERP data to be clean, allowing them to fully leverage it. (Source: Experian, 2020)

    35% of organisations say they're not able to see a ROI for data management initiatives. (Source: Experian, 2020)

    Embrace the technology

    Make the available data governance tools and technology work for you:

    • Data catalogue
    • Business data glossary
    • Data lineage
    • Metadata management

    While data governance tools and technologies are no panacea, leverage their automated and AI-enabled capabilities to augment your data governance program.

    Logos of data governance tools and technology.

    Measure success to demonstrate tangible business value

    Put data governance into the context of the business:

    • Tie the value of data governance and its initiatives back to the business capabilities that are enabled.
    • Leverage the KPIs of those business capabilities to demonstrate tangible and measurable value. Use terms and language that will resonate with senior leadership.

    Don't let measurement be an afterthought:

    Start substantiating early on how you are going to measure success as your data governance program evolves.

    Build a right-sized roadmap

    Formulate an actionable roadmap that is right-sized to deliver value in your organisation.

    Key considerations:

    • When building your data governance roadmap, ensure you do so through an enterprise lens. Be cognizant of other initiatives that might be coming down the pipeline that may require you to align your data governance milestones accordingly.
    • Apart from doing your planning with consideration for other big projects or launches that might be in-flight and require the time and attention of your data governance partners, also be mindful of the more routine yet still demanding initiatives.
    • When doing your roadmapping, consider factors like the organisation's fiscal cycle, typical or potential year-end demands, and monthly/quarterly reporting periods and audits. Initiatives such as these are likely to monopolise the time and focus of personnel key to delivering on your data governance milestones.

    Sample milestones:

    Data Governance Leadership & Org Structure Definition

    Define the home for data governance and other key roles around ownership and stewardship, as approved by senior leadership.

    Data Governance Charter and Policies

    Create a charter for your program and build/refresh associated policies.

    Data Culture Diagnostic

    Understand the organisation's current data culture, perception of data, value of data, and knowledge gaps.

    Use Case Build and Prioritisation

    Build a use case that is tied to business capabilities. Prioritise accordingly.

    Business Data Glossary

    Build and/or refresh the business' glossary for addressing data definitions and standardisation issues.

    Tools & Technology

    Explore the tools and technology offering in the data governance space that would serve as an enabler to the program. (e.g. RFI, RFP).

    Key takeaways for effective business-driven data governance

    Data governance leadership and sponsorship is key.

    Ensure strategic business alignment.

    Build and foster a culture of data excellence.

    Evolve along the data journey.

    Make data governance an enabler, not a hindrance.

    Insight summary

    Overarching insight

    Your organisation's value streams and the associated business capabilities require effectively governed data. Without this, you face the impact of elevated operational costs, missed opportunities, eroded stakeholder satisfaction, and exposure to increased business risk.

    Insight 1

    Data governance should not sit as an island in your organisation. It must continuously align with the organisation's enterprise governance function. It shouldn't be perceived as a pet project of IT, but rather as an enterprise-wide, business-driven initiative.

    Insight 2

    Ensure your data governance program delivers measurable business value by aligning the associated data governance initiatives with the business architecture. Leverage the measures of success or KPIs of the underlying business capabilities to demonstrate the value data governance has yielded for the organisation.

    Insight 3

    Data governance remains the foundation of all forms of reporting and analytics. Advanced capabilities such as AI and machine learning require effectively governed data to fuel their success.

    Tactical insight

    Tailor your data literacy program to meet your organisation's needs, filling your range of knowledge gaps and catering to your different levels of stakeholders. When it comes to rolling out a data literacy program, there is no one-size-fits-all solution. Your data literacy program is intended to fill the knowledge gaps about data, as they exist in your organisation. It should be targeted across the board – from your executive leadership and management through to the subject matter experts across different lines of the business in your organisation.

    Info-Tech's methodology for establishing data governance

    1. Build Business and User Context 2. Understand Your Current Data Governance Capabilities 3. Build a Target State Roadmap and Plan
    Phase Steps
    1. Substantiate Business Drivers
    2. Build High-Value Use Cases for Data Governance
    1. Understand the Key Components of Data Governance
    2. Gauge Your Organisation's Current Data Culture
    1. Formulate an Actionable Roadmap and Right-Sized Plan
    Phase Outcomes
    • Your organisation's business capabilities and value streams
    • A business capability map for your organisation
    • Categorisation of your organisation's key capabilities
    • A strategy map tied to data governance
    • High-value use cases for data governance
    • An understanding of the core components of an effective data governance program
    • An understanding your organisation's current data culture
    • A data governance roadmap and target-state plan comprising of prioritised initiatives

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Screenshot of Info-Tech's Data Governance Planning and Roadmapping Workbook data-verified=

    Data Governance Planning and Roadmapping Workbook

    Use the Data Governance Planning and Roadmapping Workbook as you plan, build, roll out, and scale data governance in your organisation.

    Screenshot of Info-Tech's Data Use Case Framework Template

    Data Use Case Framework Template

    This template takes you through a business needs gathering activity to highlight and create relevant use cases around the organisation's data-related problems and opportunities.

    Screenshot of Info-Tech's Business Data Glossary data-verified=

    Business Data Glossary

    Use this template to document the key data assets that are to be governed and create a data flow diagram for your organisation.

    Screenshot of Info-Tech's Data Culture Diagnostic and Scorecard data-verified=

    Data Culture Diagnostic and Scorecard

    Leverage Info-Tech's Data Culture Diagnostic to understand how your organisation scores across 10 areas relating to data culture.

    Key deliverable:

    Data Governance Planning and Roadmapping Workbook

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Data Governance Initiative Planning and Roadmap Tool

    Leverage this tool to assess your current data governance capabilities and plot your target state accordingly.

    This tool will help you plan the sequence of activities, capture start dates and expected completion dates, and create a roadmap that can be effectively communicated to the organisation.

    Data Governance Program Charter Template

    This template will help get the backing required to get a data governance project rolling. The program charter will help communicate the project purpose, define the scope, and identify the project team, roles, and responsibilities.

    Data Governance Policy

    This policy establishes uniformed data governance standards and identifies the shared responsibilities for assuring the integrity of the data and that it efficiently and effectively serves the needs of your organisation

    Other Deliverables:

    • Data Governance Initiative Planning and Roadmap Tool
    • Data Governance Program Charter Template
    • Data Governance Policy

    Blueprint benefits

    Defined data accountability & responsibility

    Shared knowledge & common understanding of data assets

    Elevated trust & confidence in traceable data

    Improved data ROI & reduced data debt

    Support for ethical use and handling of data in a culture of excellence

    Measure the value of this blueprint

    Leverage this blueprint's approach to ensure your data governance initiatives align and support your key value streams and their business capabilities.

    • Aligning your data governance program and its initiatives to your organisation's business capabilities is vital for tracing and demonstrating measurable business value for the program.
    • This alignment of data governance with value streams and business capabilities enables you to use business-defined KPIs and demonstrate tangible value.
    Screenshot from this blueprint on the Measurable Business Value

    In phases 1 and 2 of this blueprint, we will help you establish the business context, define your business drivers and KPIs, and understand your current data governance capabilities and strengths.

    In phase 3, we will help you develop a plan and a roadmap for addressing any gaps and improving the relevant data governance capabilities so that data is well positioned to deliver on those defined business metrics.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    'Our team, has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.'

    Guided Implementation

    'Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keeps us on track.'

    Workshop

    'We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.'

    Consulting

    'Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.'

    Diagnostics and consistent frameworks are used throughout all four options.

    Establish Data Governance project overview

    Contact your account representative for more information. workshops@infotech.com 1-888-670-8889

    1. Build Business and User context2. Understand Your Current Data Governance Capabilities3. Build a Target State Roadmap and Plan
    Best-Practice Toolkit
    1. Substantiate Business Drivers
    2. Build High-Value Use Cases for Data Governance
    1. Understand the Key Components of Data Governance
    2. Gauge Your Organisation's Current Data Culture
    1. Formulate an Actionable Roadmap and Right-Sized Plan
    Guided Implementation
    • Call 1
    • Call 2
    • Call 3
    • Call 4
    • Call 5
    • Call 6
    • Call 7
    • Call 8
    • Call 9
    Phase Outcomes
    • Your organisation's business capabilities and value streams
    • A business capability map for your organisation
    • Categorisation of your organisation's key capabilities
    • A strategy map tied to data governance
    • High-value use cases for data governance
    • An understanding of the core components of an effective data governance program
    • An understanding your organisation's current data culture
    • A data governance roadmap and target-state plan comprising of prioritised initiatives

    Guided Implementation

    What does a typical GI on this topic look like?

    An outline of what guided implementation looks like.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organisation. A typical GI is between 8 to 12 calls over the course of 4 to 6 months.

    Workshop overview

    Contact your account representative for more information. workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4
    Establish Business Context and Value Understand Current Data Governance Capabilities and Plot Target-State Levels Build Data Domain to Data Governance Role Mapping Formulate a Plan to Get to Your Target State
    Activities
    • Establish business context, value, and scope of data governance at the organisation
    • Introduction to Info-Tech's data governance framework
    • Discuss vision and mission for data governance
    • Understand your business architecture, including your business capability map and value streams
    • Build use cases aligned to core business capabilities
    • Understand your current data governance capabilities and maturity
    • Set target state data governance capabilities
    • Evaluate and prioritise performance gaps
    • Develop and consolidate data governance target-state initiatives
    • Define the role of data governance: data domain to data governance role mapping
    • Identify and prioritise next steps
    • Define roles and responsibilities and complete a high-level RACI
    • Wrap-up and discuss next steps and post-workshop support
    Deliverables
    1. Sample use cases (tied to the business capability map) and a repeatable use case framework
    2. Vision and mission for data governance
    1. Current state of data governance maturity
    2. Definition of target state
    1. Target-state data governance initiatives
    2. Data domain to data governance role mapping
    1. Initialised roadmap
    2. Initialised RACI
    3. Completed Business Data Glossary (BDG)

    Phase 1

    Build Business and User Context

    Three circles are in the image that list the three phases and the main steps. Phase 1 is highlighted.

    'When business users are invited to participate in the conversation around data with data users and IT, it adds a fundamental dimension — business context. Without a real understanding of how data ties back to the business, the value of analysis and insights can get lost.' – Jason Lim, Alation

    This phase will guide you through the following activities:

    • Identify Your Business Capabilities
    • Define your Organisation's Key Business Capabilities
    • Develop a Strategy Map that Aligns Business Capabilities to Your Strategic Focus

    This phase involves the following participants:

    • Data Governance Leader/Data Leader (CDO)
    • Senior Business Leaders
    • Business SMEs
    • Data Leadership, Data Owners, Data Stewards and Custodians

    Step 1.1

    Substantiate Business Drivers

    Activities

    1.1.1 Identify Your Business Capabilities

    1.1.2 Categorise Your Organisation's Key Business Capabilities

    1.1.3 Develop a Strategy Map Tied to Data Governance

    This step will guide you through the following activities:

    • Leverage your organisation's existing business capability map or initiate the formulation of a business capability map, guided by Info-Tech's approach
    • Determine which business capabilities are considered high priority by your organisation
    • Map your organisation's strategic objectives to value streams and capabilities to communicate how objectives are realised with the support of data

    Outcomes of this step

    • A foundation for data governance initiative planning that's aligned with the organisation's business architecture: value streams, business capability map, and strategy map

    Info-Tech Insight

    Gaining a sound understanding of your business architecture (value streams and business capabilities) is a critical foundation for establishing and sustaining a data governance program that delivers measurable business value.

    1.1.1 Identify Your Business Capabilities

    Confirm your organisation's existing business capability map or initiate the formulation of a business capability map:

    1. If you have an existing business capability map, meet with the relevant business owners/stakeholders to confirm that the content is accurate and up to date. Confirm the value streams (how your organisation creates and captures value) and their business capabilities are reflective of the organisation's current business environment.
    2. If you do not have an existing business capability map, follow this activity to initiate the formulation of a map (value streams and related business capabilities):
      1. Define the organisation's value streams. Meet with senior leadership and other key business stakeholders to define how your organisation creates and captures value.
      2. Define the relevant business capabilities. Meet with senior leadership and other key business stakeholders to define the business capabilities.

    Note: A business capability defines what a business does to enable value creation. Business capabilities are business terms defined using descriptive nouns such as 'Marketing' or 'Research and Development.' They represent stable business functions, are unique and independent of each other, and typically will have a defined business outcome.

    Input

    • List of confirmed value streams and their related business capabilities

    Output

    • Business capability map with value streams for your organisation

    Materials

    • Your existing business capability map or the template provided in the Data Governance Planning and Roadmapping Workbook accompanying this blueprint

    Participants

    • Key business stakeholders
    • Data stewards
    • Data custodians
    • Data Governance Working Group

    For more information, refer to Info-Tech's Document Your Business Architecture.

    Define or validate the organisation's value streams

    Value streams connect business goals to the organisation's value realisation activities. These value realisation activities, in turn, depend on data.

    If the organisation does not have a business architecture function to conduct and guide Activity 1.1.1, you can leverage the following approach:

    • Meet with key stakeholders regarding this topic, then discuss and document your findings.
    • When trying to identify the right stakeholders, consider: Who are the decision makers and key influencers? Who will impact this piece of business architecture related work? Who has the relevant skills, competencies, experience, and knowledge about the organisation?
    • Engage with these stakeholders to define and validate how the organisation creates value.
    • Consider:
      • Who are your main stakeholders? This will depend on the industry in which you operate. For example, customers, residents, citizens, constituents, students, patients.
      • What are your stakeholders looking to accomplish?
      • How does your organisation's products and/or services help them accomplish that?
      • What are the benefits your organisation delivers to them and how does your organisation deliver those benefits?
      • How do your stakeholders receive those benefits?

    Align data governance to the organisation's value realisation activities.

    Value streams enable the organisation to create or capture value in the market in which it operates by engaging in a set of interconnected activities.

    Info-Tech Insight

    Your organisation's value streams and the associated business capabilities require effectively governed data. Without this, you face the possibilities of elevated operational costs, missed opportunities, eroded stakeholder satisfaction, negative impact to reputation and brand, and/or increased exposure to business risk.

    Example of value streams – Retail Banking

    Value streams connect business goals to the organisation's value realisation activities.

    Example value stream descriptions for: Retail Banking

    Value streams enable the organisation to create or capture value in the market in which it operates by engaging in a set of interconnected activities.

    Model example of value streams for retail banking.

    For this value stream, download Info-Tech's Info-Tech's Industry Reference Architecture for Retail Banking.

    Example of value streams – Higher Education

    Value streams connect business goals to the organisation's value realisation activities.

    Example value stream descriptions for: Higher Education

    Value streams enable the organisation to create or capture value in the market in which it operates by engaging in a set of interconnected activities.

    Model example of value streams for higher education

    For this value stream, download Info-Tech's Industry Reference Architecture for Higher Education.

    Example of value streams – Local Government

    Value streams connect business goals to the organisation's value realisation activities.

    Example value stream descriptions for: Local Government

    Value streams enable the organisation to create or capture value in the market in which it operates by engaging in a set of interconnected activities.

    Model example of value streams for local government

    For this value stream, download Info-Tech's Industry Reference Architecture for Local Government.

    Example of value streams – Manufacturing

    Value streams connect business goals to the organisation's value realisation activities.

    Example value stream descriptions for: Manufacturing

    Value streams enable the organisation to create or capture value in the market in which it operates by engaging in a set of interconnected activities.

    Model example of value streams for manufacturing

    For this value stream, download Info-Tech's Industry Reference Architecture for Manufacturing.

    Example of value streams – Retail

    Value streams connect business goals to the organisation's value realisation activities.

    Example value stream descriptions for: Retail

    Model example of value streams for retail

    Value streams enable the organisation to create or capture value in the market in which it operates by engaging in a set of interconnected activities.

    For this value stream, download Info-Tech's Industry Reference Architecture for Retail.

    Define the organisation's business capabilities in a business capability map

    A business capability defines what a business does to enable value creation. Business capabilities represent stable business functions and typically will have a defined business outcome.

    Business capabilities can be thought of as business terms defined using descriptive nouns such as 'Marketing' or 'Research and Development.'

    If your organisation doesn't already have a business capability map, you can leverage the following approach to build one. This initiative requires a good understanding of the business. By working with the right stakeholders, you can develop a business capability map that speaks a common language and accurately depicts your business.

    Working with the stakeholders as described above:

    • Analyse the value streams to identify and describe the organisation's capabilities that support them.
    • Consider: What is the objective of your value stream? (This can highlight which capabilities support which value stream.)
    • As you initiate your engagement with your stakeholders, don't start a blank page. Leverage the examples on the next slides as a starting point for your business capability map.
    • When using these examples, consider: What are the activities that make up your particular business? Keep the ones that apply to your organisation, remove the ones that don't, and add any needed.

    Align data governance to the organisation's value realisation activities.

    Info-Tech Insight

    A business capability map can be thought of as a visual representation of your organisation's business capabilities and hence represents a view of what your data governance program must support.

    For more information, refer to Info-Tech's Document Your Business Architecture.

    Example business capability map – Retail Banking

    A business capability map can be thought of as a visual representation of your organisation's business capabilities and hence represents a view of what your data governance program must support.

    Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

    Info-Tech Tip:

    Leverage your business capability map verification session with these key stakeholders as a prime opportunity to share and explain the role of data and data governance in supporting the very value realisation capabilities under discussion. This will help to build awareness and visibility of the data governance program.

    Example business capability map for: Retail Banking

    Model example business capability map for retail banking

    For this business capability map, download Info-Tech's Industry Reference Architecture for Retail Banking.

    Example business capability map – Higher Education

    A business capability map can be thought of as a visual representation of your organisation's business capabilities and hence represents a view of what your data governance program must support.

    Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

    Info-Tech Tip:

    Leverage your business capability map verification session with these key stakeholders as a prime opportunity to share and explain the role of data and data governance in supporting the very value realisation capabilities under discussion. This will help to build awareness and visibility of the data governance program.

    Example business capability map for: Higher Education

    Model example business capability map for higher education

    For this business capability map, download Info-Tech's Industry Reference Architecture for Higher Education.

    Example business capability map – Local Government

    A business capability map can be thought of as a visual representation of your organisation's business capabilities and hence represents a view of what your data governance program must support.

    Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

    Info-Tech Tip:

    Leverage your business capability map verification session with these key stakeholders as a prime opportunity to share and explain the role of data and data governance in supporting the very value realisation capabilities under discussion. This will help to build awareness and visibility of the data governance program.

    Example business capability map for: Local Government

    Model example business capability map for local government

    For this business capability map, download Info-Tech's Industry Reference Architecture for Local Government.

    Example business capability map – Manufacturing

    A business capability map can be thought of as a visual representation of your organisation's business capabilities and hence represents a view of what your data governance program must support.

    Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

    Info-Tech Tip:

    Leverage your business capability map verification session with these key stakeholders as a prime opportunity to share and explain the role of data and data governance in supporting the very value realisation capabilities under discussion. This will help to build awareness and visibility of the data governance program.

    Example business capability map for: Manufacturing

    Model example business capability map for manufacturing

    For this business capability map, download Info-Tech's Industry Reference Architecture for Manufacturing.

    Example business capability map - Retail

    A business capability map can be thought of as a visual representation of your organisation's business capabilities and hence represents a view of what your data governance program must support.

    Validate your business capability map with the right stakeholders, including your executive team, business unit leaders, and/or other key stakeholders.

    Info-Tech Tip:

    Leverage your business capability map verification session with these key stakeholders as a prime opportunity to share and explain the role of data and data governance in supporting the very value realisation capabilities under discussion. This will help to build awareness and visibility of the data governance program.

    Example business capability map for: Retail

    Model example business capability map for retail

    For this business capability map, download Info-Tech's Industry Reference Architecture for Retail.

    1.1.2 Categorise Your Organisation's Key Capabilities

    Determine which capabilities are considered high priority in your organisation.

    1. Categorise or heatmap the organisation's key capabilities. Consult with senior and other key business stakeholders to categorise and prioritise the business' capabilities. This will aid in ensuring your data governance future state planning is aligned with the mandate of the business. One approach to prioritising capabilities with business stakeholders is to examine them through the lens of cost advantage creators, competitive advantage differentiators, and/or by high value/high risk.
    2. Identify cost advantage creators. Focus on capabilities that drive a cost advantage for your organisation. Highlight these capabilities and prioritise programs that support them.
    3. Identify competitive advantage differentiators. Focus on capabilities that give your organisation an edge over rivals or other players in your industry.

    This categorisation/prioritisation exercise helps highlight prime areas of opportunity for building use cases, determining prioritisation, and the overall optimisation of data and data governance.

    Input

    • Strategic insight from senior business stakeholders on the business capabilities that drive value for the organisation

    Output

    • Business capabilities categorised and prioritised (e.g. cost advantage creators, competitive advantage differentiators, high value/high risk)

    Materials

    • Your existing business capability map or the business capability map derived in the previous activity

    Participants

    • Key business stakeholders
    • Data stewards
    • Data custodians
    • Data Governance Working Group

    For more information, refer to Info-Tech's Document Your Business Architecture.

    Example of business capabilities categorisation or heatmapping – Retail

    This exercise is useful in ensuring the data governance program is focused and aligned to support the priorities and direction of the business.

    • Depending on the mandate from the business, priority may be on developing cost advantage. Hence the capabilities that deliver efficiency gains are the ones considered to be cost advantage creators.
    • The business' priority may be on maintaining or gaining a competitive advantage over its industry counterparts. Differentiation might be achieved in delivering unique or enhanced products, services, and/or experiences, and the focus will tend to be on the capabilities that are more end-stakeholder-facing (e.g. customer-, student-, patient,- and/or constituent-facing). These are the organisation's competitive advantage creators.

    Example: Retail

    Example of business capabilities categorisation or heatmapping – Retail

    For this business capability map, download Info-Tech's Industry Reference Architecture for Retail.

    1.1.3 Develop a Strategy Map Tied to Data Governance

    Identify the strategic objectives for the business. Knowing the key strategic objectives will drive business-data governance alignment. It's important to make sure the right strategic objectives of the organisation have been identified and are well understood.

    1. Meet with senior business leaders and other relevant stakeholders to help identify and document the key strategic objectives for the business.
    2. Leverage their knowledge of the organisation's business strategy and strategic priorities to visually represent how these map to value streams, business capabilities, and, ultimately, to data and data governance needs and initiatives. Tip: Your map is one way to visually communicate and link the business strategy to other levels of the organisation.
    3. Confirm the strategy mapping with other relevant stakeholders.

    Guide to creating your map: Starting with strategic objectives, map the value streams that will ultimately drive them. Next, link the key capabilities that enable each value stream. Then map the data and data governance to initiatives that support those capabilities. This is one approach to help you prioritise the data initiatives that deliver the most value to the organisation.

    Input

    • Strategic objectives as outlined by the organisation's business strategy and confirmed by senior leaders

    Output

    • A strategy map that maps your organisational strategic objectives to value streams, business capabilities, and, ultimately, to data program

    Materials

    Participants

    • Key business stakeholders
    • Data stewards
    • Data custodians
    • Data Governance Working Group

    Download Info-Tech's Data Governance Planning and Roadmapping Workbook

    Example of a strategy map tied to data governance

    • Strategic objectives are the outcomes that the organisation is looking to achieve.
    • Value streams enable an organisation to create and capture value in the market through interconnected activities that support strategic objectives.
    • Business capabilities define what a business does to enable value creation in value streams.
    • Data capabilities and initiatives are descriptions of action items on the data and data governance roadmap and which will enable one or multiple business capabilities in its desired target state.

    Info-Tech Tip:

    Start with the strategic objectives, then map the value streams that will ultimately drive them. Next, link the key capabilities that enable each value stream. Then map the data and data governance initiatives that support those capabilities. This process will help you prioritise the data initiatives that deliver the most value to the organisation.

    Example: Retail

    Example of a strategy map tied to data governance for retail

    For this strategy map, download Info-Tech's Industry Reference Architecture for Retail.

    Step 1.2

    Build High-Value Use Cases for Data Governance

    Activities

    1.2.1 Build High-Value Use Cases

    This step will guide you through the following activities:

    • Leveraging your categorised business capability map to conduct deep-dive sessions with key business stakeholders for creating high-value uses cases
    • Discussing current challenges, risks, and opportunities associated with the use of data across the lines of business
    • Exploring which other business capabilities, stakeholder groups, and business units will be impacted

    Outcomes of this step

    • Relevant use cases that articulate the data-related challenges, needs, or opportunities that are clear and contained and, if addressed ,will deliver value to the organisation

    Info-Tech Tip

    One of the most important aspects when building use cases is to ensure you include KPIs or measures of success. You have to be able to demonstrate how the use case ties back to the organisational priorities or delivers measurable business value. Leverage the KPIs and success factors of the business capabilities tied to each particular use case.

    1.2.1 Build High-Value Use Cases

    This business needs-gathering activity will highlight and create relevant use cases around data-related problems or opportunities that are clear and contained and, if addressed, will deliver value to the organisation.

    1. Bring together key business stakeholders (data owner, stewards, SMEs) from a particular line of business as well as the relevant data custodian(s) to build cases for their units. Leverage the business capability map you created for facilitating this act.
    2. Leverage Info-Tech's framework for data requirements and methodology for creating use cases, as outlined in the Data Use Case Framework Template and seen on the next slide.
    3. Have the stakeholders move through each breakout session outlined in the Use Case Worksheet. Use flip charts or a whiteboard to brainstorm and document their thoughts.
    4. Debrief and document results in the Data Use Case Framework Template.
    5. Repeat this exercise with as many lines of the business as possible, leveraging your business capability map to guide your progress and align with business value.

    Tip: Don't conclude these use case discussions without substantiating what measures of success will be used to demonstrate the business value of the effort to produce the desired future state, as relevant to each particular use case.

    This business needs-gathering activity will highlight and create relevant use cases around data-related problems or opportunities that are clear and contained and, if addressed, will deliver value to the organisation.

    1. Bring together key business stakeholders (data owner, stewards, SMEs) from a particular line of business as well the relevant data custodian(s) to build cases for their units. Leverage the business capability map you created for facilitating this act.
    2. Leverage Info-Tech's framework for data requirements and methodology for creating use cases, as outlined in the Data Use Case Framework Template and seen on the next slide.
    3. Have the stakeholders move through each breakout session outlined in the Use Case Worksheet. Use flip charts or a whiteboard to brainstorm and document their thoughts.
    4. Debrief and document results in the Data Use Case Framework Template
    5. Repeat this exercise with as many lines of the business as possible, leveraging your business capability map to guide your progress and align with business value.

    Tip: Don't conclude these use case discussions without substantiating what measures of success will be used to demonstrate the business value of the effort to produce the desired future state, as relevant to each particular use case.

    Input

    • Value streams and business capabilities as defined by business leaders
    • Business stakeholders' subject area expertise
    • Data custodian systems, integration, and data knowledge

    Output

    • Use cases that articulate data-related challenges, needs or opportunities that are tied to defined business capabilities and hence if addressed will deliver measurable value to the organisation.

    Materials

    • Your business capability map from activity 1.1.1
    • Info-Tech's Data Use Case Framework Template
    • Whiteboard or flip charts (or shared screen if working remotely)
    • Markers/pens

    Participants

    • Key business stakeholders
    • Data stewards and business SMEs
    • Data custodians
    • Data Governance Working Group

    Download Info-Tech's Data Use Case Framework Template

    Info-Tech's Framework for Building Use Cases

    Objective: This business needs-gathering activity will highlight and create relevant use cases around data-related problems or opportunities that are clear and contained and, if addressed, will deliver value to the organisation.

    Leveraging your business capability map, build use cases that align with the organisation's key business capabilities.

    Consider:

    • Is the business capability a cost advantage creator or an industry differentiator?
    • Is the business capability currently underserved by data?
    • Does this need to be addressed? If so, is this risk- or value-driven?

    Info-Tech's Data Requirements and Mapping Methodology for Creating Use Cases

    1. What business capability (or capabilities) is this use case tied to for your business area(s)?
    2. What are your data-related challenges in performing this today?
    3. What are the steps in this process/activity today?
    4. What are the applications/systems used at each step today?
    5. What data domains are involved, created, used, and/or transformed at each step today?
    6. What does an ideal or improved state look like?
    7. What other business units, business capabilities, activities, and/or processes will be impacted or improved if this issue was solved?
    8. Who are the stakeholders impacted by these changes? Who needs to be consulted?
    9. What are the risks to the organisation (business capability, revenue, reputation, customer loyalty, etc.) if this is not addressed?
    10. What compliance, regulatory, and/or policy concerns do we need to consider in any solution?
    11. What measures of success or change should we use to prove the value of the effort (such as KPIs, ROI)? What is the measurable business value of doing this?

    The resulting use cases are to be prioritised and leveraged for informing the business case and the data governance capabilities optimisation plan.

    Taken from Info-Tech's Data Use Case Framework Template

    Phase 2

    Understand Your Current Data Governance Capabilities

    Three circles are in the image that list the three phases and the main steps. Phase 2 is highlighted.

    This phase will guide you through the following activities:

    • Understand the Key Components of Data Governance
    • Gauge Your Organisation's Current Data Culture

    This phase involves the following participants:

    • Data Leadership
    • Data Ownership & Stewardship
    • Policies & Procedures
    • Data Literacy & Culture
    • Operating Model
    • Data Management
    • Data Privacy & Security
    • Enterprise Projects & Services

    Step 2.1

    Understand the Key Components of Data Governance

    This step will guide you through the following activities:

    • Understanding the core components of an effective data governance program and determining your organisation's current capabilities in these areas:
      • Data Leadership
      • Data Ownership & Stewardship
      • Policies & Procedures
      • Data Literacy & Culture
      • Operating Model
      • Data Management
      • Data Privacy & Security
      • Enterprise Projects & Services

    Outcomes of this step

    • An understanding of the core components of an effective data governance program
    • An understanding your organisation's current data governance capabilities

    Leverage Info-Tech's: Data Governance Initiative Planning and Roadmap Tool to assess your current data governance capabilities and plot your target state accordingly.

    This tool will help your organisation plan the sequence of activities, capture start dates and expected completion dates, and create a roadmap that can be effectively communicated to the organisation.

    Review: Info-Tech's Data Governance Framework

    An image of Info-Tech's Data Governance Framework

    Key components of data governance

    A well-defined data governance program will deliver:

    • Defined accountability and responsibility for data.
    • Improved knowledge and common understanding of the organisation's data assets.
    • Elevated trust and confidence in traceable data.
    • Improved data ROI and reduced data debt.
    • An enabling framework for supporting the ethical use and handling of data.
    • A foundation for building and fostering a data-driven and data-literate organisational culture.

    The key components of establishing sustainable enterprise data governance, taken from Info-Tech's Data Governance Framework:

    • Data Leadership
    • Data Ownership & Stewardship
    • Operating Model
    • Policies & Procedures
    • Data Literacy & Culture
    • Data Management
    • Data Privacy & Security
    • Enterprise Projects & Services

    Data Leadership

    • Data governance needs a dedicated head or leader to steer the organisation's data governance program.
    • For organisations that do have a chief data officer (CDO), their office is the ideal and effective home for data governance.
    • Heads of data governance also have titles such as director of data governance, director of data quality, and director of analytics.
    • The head of your data governance program works with all stakeholders and partners to ensure there is continuous enterprise governance alignment and oversight and to drive the program's direction.
    • While key stakeholders from the business and IT will play vital data governance roles, the head of data governance steers the various components, stakeholders, and initiatives, and provides oversight of the overall program.
    • Vital data governance roles include: data owners, data stewards, data custodians, data governance steering committee (or your organisation's equivalent), and any data governance working group(s).

    The role of the CDO: the voice of data

    The office of the chief data officer (CDO):

    • Has a cross-organisational vision and strategy for data.
    • Owns and drives the data strategy; ensures it supports the overall organisational strategic direction and business goals.
    • Leads the organisational data initiatives, including data governance
    • Is accountable for the policy, strategy, data standards, and data literacy necessary for the organisation to operate effectively.
    • Educates users and leaders about what it means to be 'data-driven.'
    • Builds and fosters a culture of data excellence.

    'Compared to most of their C-suite colleagues, the CDO is faced with a unique set of problems. The role is still being defined. The chief data officer is bringing a new dimension and focus to the organisation: "data." '
    – Carruthers and Jackson, 2020

    Who does the CDO report to?

    Example reporting structure.
    • The CDO should be a true C- level executive.
    • Where the organisation places the CDO role in the structure sends an important signal to the business about how much it values data.

    'The title matters. In my opinion, you can't have a CDO without executive authority. Otherwise no one will listen.'

    – Anonymous European CDO

    'The reporting structure depends on who's the 'glue' that ties together all these uniquely skilled individuals.'

    – John Kemp, Senior Director, Executive Services, Info-Tech Research Group

    Data Ownership & Stewardship

    Who are best suited to be data owners?

    • Wherever they may sit in your organisation, data owners will typically have the highest stake in that data.
    • Data owners needs to be suitably senior and have the necessary decision-making power.
    • They have the highest interest in the related business data domain, whether they are the head of a business unit or the head of a line of business that produces data or consumes data (or both).
    • If they are neither of these, it's unlikely they will have the interest in the data (in terms of its quality, protection, ethical use, and handling, for instance) necessary to undertake and adopt the role effectively.

    Data owners are typically senior business leaders with the following characteristics:

    • Positioned to accept accountability for their data domain.
    • Hold authority and influence to affect change, including across business processes and systems, needed to improve data quality, use, handling, integration, etc.
    • Have access to a budget and resources for data initiatives such as resolving data quality issues, data cleansing initiatives, business data catalogue build, related tools and technology, policy management, etc.
    • Hold the influence needed to drive change in behaviour and culture.
    • Act as ambassadors of data and its value as an organisational strategic asset.

    Right-size your data governance organisational structure

    • Most organisations strive to identify roles and responsibilities at a strategic, and operational level. Several factors will influence the structure of the program such as the focus of the data governance project as well as the maturity and size of the organisation.
    • Your data governance structure has to work for your organisation, and it has to evolve as the organisation evolves.
    • Formulate your blend of data governance roles, committees, councils, and cross-functional groups, that make sense for your organisation.
    • Your data governance organisational structure should not add complexity or bureaucracy to your organisation's data landscape; it should support and enable your principle of treating data as an asset.

    There is no one-size-fits-all data governance organisational structure.

    Example of a Data Governance Organisational Structure

    Critical roles and responsibilities for data governance

    Data Governance Working Groups

    Data governance working groups:

    • Are cross-functional teams
    • Deliver on data governance projects, initiatives, and ad hoc review committees.

    Data Stewards

    Traditionally, data stewards:

    • Serve on an operational level addressing issues related to adherence to standards/procedures, monitoring data quality, raising issues identified, etc.
    • Are responsible for managing access, quality, escalating issues, etc.

    Data Custodians

    • Traditionally, data custodians:
    • Serve on an operational level addressing issues related to data and database administration.
    • Support the management of access, data quality, escalating issues, etc.
    • Are SMEs from IT and database administration.

    Example: Business capabilities to data owner and data stewards mapping for a selected data domain

    Info-Tech Insight

    Your organisation's value streams and the associated business capabilities require effectively governed data. Without this, you face elevated operational costs, missed opportunities, eroded stakeholder satisfaction, and exposure to increased business risk.

    Enabling business capabilities with data governance role definitions

    Example: Business capabilities to data owner and data stewards mapping for a selected data domain

    Operating Model

    Your operating model is the key to designing and operationalizing a form of data governance that delivers measurable business value to your organisation.

    'Generate excitement for data: When people are excited and committed to the vision of data enablement, they're more likely to help ensure that data is high quality and safe.' – Petzold, et al., 2020

    Operating Model

    Defining your data governance operating model will help create a well-oiled program that sustainably delivers value to the organisation and manages risks while building and fostering a culture of data excellence along the way. Some organisations are able to establish a formal data governance office, whether independent or attached to the office of the chief data officer. Regardless of how you are organised, data governance requires a home, a leader, and an operating model to ensure its sustainability and evolution.

    Examples of focus areas for your operating model:

    • Delivery: While there are core tenets to every data governance program, there is a level of variability in the implementation of data governance programs across organisations, sectors, and industries. Every organisation has its own particular drivers and mandates, so the level and rigour applied will also vary.
    • The key is to determine what style will work best in your organisation, taking into consideration your organisational culture, executive leadership support (present and ongoing), catalysts such as other enterprise-wide transformative and modernisation initiatives, and/or regulatory and compliances drivers.

    • Communication: Communication is vital across all levels and stakeholder groups. For instance, there needs to be communication from the data governance office up to senior leadership, as well as communication within the data governance organisation, which is typically made up of the data governance steering committee, data governance council, executive sponsor/champion, data stewards, and data custodians and working groups.
    • Furthermore, communication with the wider organisation of data producers, users, and consumers is one of the core elements of the overall data governance communications plan.

    Communication is vital for ensuring acceptance of new processes, rules, guidelines, and technologies by all data producers and users as well as for sharing success stories of the program.

    Operating Model

    Tie the value of data governance and its initiatives back to the business capabilities that are enabled.

    'Leading organisations invest in change management to build data supporters and convert the sceptics. This can be the most difficult part of the program, as it requires motivating employees to use data and encouraging producers to share it (and ideally improve its quality at the source)[.]' – Petzold, et al., 2020

    Operating Model

    Examples of focus areas for your operating model (continued):

    • Change management and issue resolution: Data governance initiatives will very likely bring about a level of organisational disruption, with governance recommendations and future state requiring potentially significant business change. This may include a redesign of a substantial number of data processes affecting various business units, which will require tweaking the organisation's culture, thought processes, and procedures surrounding its data.
    • Preparing people for change well in advance will allow them to take the steps necessary to adapt and reduce potential confrontation. By planning for and efficiently communicating any changes that a data governance initiative may bring, many initial issues can be resolved from the outset.

      Attempting to implement change without an effective communications plan can result in disagreements over data control and stalemates between stakeholder units. The recommendations of the governance group must reflect the needs of all stakeholders or there will be pushback.

    • Performance measuring, monitoring and reporting: Measuring and reporting on performance, successes, and realisation of tangible business value are a must for sustaining, growing, and scaling your data governance program.
    • Aligning your data governance to the organisation's value realisation activities enables you to leverage the KPIs of those business capabilities to demonstrate tangible and measurable value. Use terms and language that will resonate with your senior business leadership.

    Info-Tech Tip:

    Launching a data governance program will bring with it a level of disruption to the culture of the organisation. That disruption doesn't have to be detrimental if you are prepared to manage the change proactively and effectively.

    Policies, Procedures & Standards

    'Data standards are the rules by which data are described and recorded. In order to share, exchange, and understand data, we must standardise the format as well as the meaning.' – U.S. Geological Survey

    Policies, Procedures & Standards

    • When defining, updating, or refreshing your data policies, procedures, and standards, ensure they are relevant, serve a purpose, and/or support the use of data in the organisation.
    • Avoid the common pitfall of building out a host of policies, procedures, and standards that are never used or followed by users and therefore don't bring value or serve to mitigate risk for the organisation.
    • Data policies can be thought of as formal statements and are typically created, approved, and updated by the organisation's data decision-making body (such as a data governance steering committee).
    • Data standards and procedures function as actions, or rules, that support the policies and their statements.
    • Standards and procedures are designed to standardise the processes during the overall data lifecycle. Procedures are instructions to achieve the objectives of the policies. The procedures are iterative and will be updated with approval from your data governance committee as needed.
    • Your organisation's data policies, standards, and procedures should not bog down or inhibit users; rather, they should enable confident data use and handling across the overall data lifecycle. They should support more effective and seamless data capture, integration, aggregation, sharing, and retention of data in the organisation.

    Examples of data policies:

    • Data Classification Policy
    • Data Retention Policy
    • Data Entry Policy
    • Data Backup Policy
    • Data Provenance Policy
    • Data Management Policy

    See Info-Tech's Data Governance Policy Template: This policy establishes uniformed data governance standards and identifies the shared responsibilities for assuring the integrity of the data and that it efficiently and effectively serves the needs of your organisation.

    Data Domain Documentation

    Select the correct granularity for your business need

    Diagram of data domain documentation
    Sources: Dataversity; Atlan; Analytics8

    Data Domain Documentation Examples

    Data Domain Documentation Examples

    Data Culture

    'Organisational culture can accelerate the application of analytics, amplify its power, and steer companies away from risky outcomes.' – Petzold, et al., 2020

    A healthy data culture is key to amplifying the power of your data and to building and sustaining an effective data governance program.

    What does a healthy data culture look like?

    • Everybody knows the data.
    • Everybody trusts the data.
    • Everybody talks about the data.

    Building a culture of data excellence.

    Leverage Info-Tech's Data Culture Diagnostic to understand your organisation's culture around data.

    Screenshot of Data Culture Scorecard

    Contact your Info-Tech Account Representative for more information on the Data Culture Diagnostic

    Cultivating a data-driven culture is not easy

    'People are at the heart of every culture, and one of the biggest challenges to creating a data culture is bringing everyone into the fold.' – Lim, Alation

    It cannot be purchased or manufactured,

    It must be nurtured and developed,

    And it must evolve as the business, user, and data landscapes evolve.

    'Companies that have succeeded in their data-driven efforts understand that forging a data culture is a relentless pursuit, and magic bullets and bromides do not deliver results.' – Randy Bean, 2020

    Hallmarks of a data-driven culture

    There is a trusted, single source of data the whole company can draw from.

    There's a business glossary and data catalogue and users know what the data fields mean.

    Users have access to data and analytics tools. Employees can leverage data immediately to resolve a situation, perform an activity, or make a decision – including frontline workers.

    Data literacy, the ability to collect, manage, evaluate, and apply data in a critical manner, is high.

    Data is used for decision making. The company encourages decisions based on objective data and the intelligent application of it.

    A data-driven culture requires a number of elements:

    • High-quality data
    • Broad access and data literacy
    • Data-driven decision-making processes
    • Effective communication

    Data Literacy

    Data literacy is an essential part of a data-driven culture.

    • Building a data-driven culture takes an ongoing investment of time, effort, and money.
    • This investment will not realise its full return without building up the organisation's data literacy.
    • Data literacy is about filling data knowledge gaps across all levels of the organisation.
    • It's about ensuring all users – senior leadership right through to core users – are equipped with appropriate levels of training, skills, understanding, and awareness around the organisation's data and the use of associated tools and technologies. Data literacy ensures users have the data they need and they know how to interpret and leverage it.
    • Data literacy drives the appetite, demand, and consumption for data.
    • A data-literate culture is one where the users feel confident and skilled in their use of data, leveraging it for making informed or evidence-based decisions and generating insights for the organisation.

    Data Management

    • Data governance serves as an enabler to all of the core components that make up data management:
      • Data quality management
      • Data architecture management
      • Data platform
      • Data integration
      • Data operations management
      • Data risk management
      • Reference and master data management (MDM)
      • Document and content management
      • Metadata management
      • Business intelligence (BI), reporting, analytics and advanced analytics, artificial intelligence (AI), machine learning (ML)
    • Key tools such as the business data glossary and data catalogue are vital for operationalizing data governance and in supporting data management disciplines such as data quality management, metadata management, and MDM as well as BI, reporting, and analytics.

    Enterprise Projects & Services

    • Data governance serves as an enabler to enterprise projects and services that require, use, share, sell, and/or rely on data for their viability and, ultimately, their success.
    • Folding or embedding data governance into the organisation's project management function or project management office (PMO) serves to ensure that, for any initiative, suitable consideration is given to how data is treated.
    • This may include defining parameters, following standards and procedures around bringing in new sources of data, integrating that data into the organisation's data ecosystem, using and sharing that data, and retaining that data post-project completion.
    • The data governance function helps to identify and manage any ethical issues, whether at the start of the project and/or throughout.
    • It provides a foundation for asking relevant questions as it relates to the use or incorporation of data in delivering the specific project or service. Do we know where the data obtained from? Do we have rights to use that data? Are there legislations, policies, or regulations that guide or dictate how that data can be used? What are the positive effects, negative impacts, and/or risks associated with our intended use of that data? Are we positioned to mitigate those risks?
    • Mature data governance creates organisations where the above considerations around data management and the ethical use and handling of data is routinely implemented across the business and in the rollout and delivery of projects and services.

    Data Privacy & Security

    • Data governance supports the organisation's data privacy and security functions.
    • Key tools include the data classification policy and standards and defined roles around data ownership and data stewardship. These are vital for operationalizing data governance and supporting data privacy, security, and the ethical use and handling of data.
    • While some organisations may have a dedicated data security and privacy group, data governance provides an added level of oversight in this regard.
    • Some of the typical checks and balances include ensuring:
      • There are policies and procedures in place to restrict and monitor staff's access to data (one common way this is done is according to job descriptions and responsibilities) and that these comply with relevant laws and regulations.
      • There's a data classification scheme in place where data has been classified on a hierarchy of sensitivity (e.g. top secret, confidential, internal, limited, public).
      • The organisation has a comprehensive data security framework, including administrative, physical, and technical procedures for addressing data security issues (e.g. password management and regular training).
      • Risk assessments are conducted, including an evaluation of risks and vulnerabilities related to intentional and unintentional misuse of data.
      • Policies and procedures are in place to mitigate the risks associated with incidents such as data breaches.
      • The organisation regularly audits and monitors its data security.

    Ethical Use & Handling of Data

    Data governance will support your organisation's ethical use and handling of data by facilitating definition around important factors, such as:

    • What are the various data assets in the organisation and what purpose(s) can they be used for? Are there any limitations?
    • Who is the related data owner? Who holds accountability for that data? Who will be answerable?
    • Where was the data obtained from? What is the intended use of that data? Do you have rights to use that data? Are there legislations, policies, or regulations that guide or dictate how that data can be used?
    • What are the positive effects, negative impacts, and/or risks associated with the use of that data?

    Ethical Use & Handling of Data

    • Data governance serves as an enabler to the ethical use and handling of an organisation's data.
    • The Open Data Institute (ODI) defines data ethics as: 'A branch of ethics that evaluates data practices with the potential to adversely impact on people and society – in data collection, sharing and use.'
    • Data ethics relates to good practice around how data is collected, used and shared. It's especially relevant when data activities have the potential to impact people and society, whether directly or indirectly (Open Data Institute, 2019).
    • A failure to handle and use data ethically can negatively impact an organisation's direct stakeholders and/or the public at large, lead to a loss of trust and confidence in the organisation's products and services, lead to financial loss, and impact the organisation's brand, reputation, and legal standing.
    • Data governance plays a vital role is building and managing your data assets, knowing what data you have, and knowing the limitations of that data. Data ownership, data stewardship, and your data governance decision-making body are key tenets and foundational components of your data governance. They enable an organisation to define, categorise, and confidently make decisions about its data.

    Step 2.2

    Gauge Your Organisation's Current Data Culture

    Activities

    2.2.1 Gauge Your Organisation's Current Data Culture

    This step will guide you through the following activities:

    • Conduct a data culture survey or leverage Info-Tech's Data Culture Diagnostic to increase your understanding of your organisation's data culture

    Outcomes of this step

    • An understanding of your organisational data culture

    2.2.1 Gauge Your Organisation's Current Data Culture

    Conduct a Data Culture Survey or Diagnostic

    The objectives of conducting a data culture survey are to increase the understanding of the organisation's data culture, your users' appetite for data, and their appreciation for data in terms of governance, quality, accessibility, ownership, and stewardship. To perform a data culture survey:

    1. Identify members of the data user base, data consumers, and other key stakeholders for surveying.
    2. Conduct an information session to introduce Info-Tech's Data Culture Diagnostic survey. Explain the objective and importance of the survey and its role in helping to understand the organisation's current data culture and inform the improvement of that culture.
    3. Roll out the Info-Tech Data Culture Diagnostic survey to the identified users and stakeholders.
    4. Debrief and document the results and scorecard in the Data Strategy Stakeholder Interview Guide and Findings document.

    Input

    • Email addresses of participants in your organisation who should receive the survey

    Output

    • Your organisation's Data Culture Scorecard for understanding current data culture as it relates to the use and consumption of data
    • An understanding of whether data is currently perceived to be an asset to the organisation

    Materials

    Screenshot of Data Culture Scorecard

    Participants

    • Participants include those at the senior leadership level through to middle management, as well as other business stakeholders at varying levels across the organisation
    • Data owners, stewards, and custodians
    • Core data users and consumers

    Contact your Info-Tech Account Representative for details on launching a Data Culture Diagnostic.

    Phase 3

    Build a Target State Roadmap and Plan

    Three circles are in the image that list the three phases and the main steps. Phase 3 is highlighted.

    'Achieving data success is a journey, not a sprint. Companies that set a clear course, with reasonable expectations and phased results over a period of time, get to the destination faster.' – Randy Bean, 2020

    This phase will guide you through the following activities:

    • Build your Data Governance Roadmap
    • Develop a target state plan comprising of prioritised initiatives

    This phase involves the following participants:

    • Data Governance Leadership
    • Data Owners/Data Stewards
    • Data Custodians
    • Data Governance Working Group(s)

    Step 3.1

    Formulate an Actionable Roadmap and Right-Sized Plan

    This step will guide you through the following activities:

    • Build your data governance roadmap
    • Develop a target state plan comprising of prioritised initiatives

    Download Info-Tech's Data Governance Planning and Roadmapping Workbook

    See Info-Tech's Data Governance Program Charter Template: A program charter template to sell the importance of data governance to senior executives.

    This template will help get the backing required to get a data governance project rolling. The program charter will help communicate the project purpose, define the scope, and identify the project team, roles, and responsibilities.

    Outcomes of this step

    • A foundation for data governance initiative planning that's aligned with the organisation's business architecture: value streams, business capability map, and strategy map

    Build a right-sized roadmap

    Formulate an actionable roadmap that is right sized to deliver value in your organisation.

    Key considerations:

    • When building your data governance roadmap, ensure you do so through an enterprise lens. Be cognizant of other initiatives that might be coming down the pipeline that may require you to align your data governance milestones accordingly.
    • Apart from doing your planning with consideration for other big projects or launches that might be in-flight and require the time and attention of your data governance partners, also be mindful of the more routine yet still demanding initiatives.
    • When doing your roadmapping, consider factors like the organisation's fiscal cycle, typical or potential year-end demands, and monthly/quarterly reporting periods and audits. Initiatives such as these are likely to monopolise the time and focus of personnel key to delivering on your data governance milestones.

    Sample milestones:

    Data Governance Leadership & Org Structure Definition

    Define the home for data governance and other key roles around ownership and stewardship, as approved by senior leadership.

    Data Governance Charter and Policies

    Create a charter for your program and build/refresh associated policies.

    Data Culture Diagnostic

    Understand the organisation's current data culture, perception of data, value of data, and knowledge gaps.

    Use Case Build and Prioritisation

    Build a use case that is tied to business capabilities. Prioritise accordingly.

    Business Data Glossary/catalogue

    Build and/or refresh the business' glossary for addressing data definitions and standardisation issues.

    Tools & Technology

    Explore the tools and technology offering in the data governance space that would serve as an enabler to the program. (e.g. RFI, RFP).

    Recall: Info-Tech's Data Governance Framework

    An image of Info-Tech's Data Governance Framework

    Build an actionable roadmap

    Data Governance Leadership & Org Structure Division

    Define key roles for getting started.

    Use Case Build & Prioritisation

    Start small and then scale – deliver early wins.

    Literacy Program

    Start understanding data knowledge gaps, building the program, and delivering.

    Tools & Technology

    Make the available data governance tools and technology work for you.

    Key components of your data governance roadmap

    Data Governance Program Charter Template – A program charter template to sell the importance of data governance to senior executives.

    This template will help get the backing required to get a data governance project rolling. The program charter will help communicate the project purpose, define the scope, and identify the project team, roles, and responsibilities.

    By now, you have assessed current data governance environment and capabilities. Use this assessment, coupled with the driving needs of your business, to plot your data Governance roadmap accordingly.

    Sample data governance roadmap milestones:

    • Define data governance leadership.
    • Define and formalise data ownership and stewardship (as well as the role IT/data management will play as data custodians).
    • Build/confirm your business capability map and data domains.
    • Build business data use cases specific to business capabilities.
    • Define business measures/KPIs for the data governance program (i.e. metrics by use case that are relevant to business capabilities).
    • Data management:
      • Build your data glossary or catalogue starting with identified and prioritised terms.
      • Define data domains.
    • Design and define the data governance operating model (oversight model definition, communication plan, internal marketing such as townhalls, formulate change management plan, RFP of data governance tool and technology options for supporting data governance and its administration).
    • Data policies and procedures:
      • Formulate, update, refresh, consolidate, rationalise, and/or retire data policies and procedures.
      • Define policy management and administration framework (i.e. roll-out, maintenance, updates, adherence, system to be used).
    • Conduct Info-Tech's Data Culture Diagnostic or survey (across all levels of the organisation).
    • Define and formalise the data literacy program (build modules, incorporate into LMS, plan lunch and learn sessions).
    • Data privacy and security: build data classification policy, define classification standards.
    • Enterprise projects and services: embed data governance in the organisation's PMO, conduct 'Data Governance 101' for the PMO.

    Defining data governance roles and organisational structure at Organisation

    The approach employed for defining the data governance roles and supporting organisational structure for .

    Key Considerations:

    • The data owner and data steward roles are formally defined and documented within the organisation. Their involvement is clear, well-defined, and repeatable.
    • There are data owners and data stewards for each data domain within the organisation. The data steward role is given to someone with a high degree of subject matter expertise.
    • Data owners and data stewards are effective in their roles by ensuring that their data domain is clean and free of errors and that they protect the organisation against data loss.
    • Data owners and data stewards have the authority to make final decisions on data definitions, formats, and standard processes that apply to their respective data sets. Data owners and data stewards have authority regarding who has access to certain data.
    • Data owners and data stewards are not from the IT side of the organisation. They understand the lifecycle of the data (how it is created, curated, retrieved, used, archived, and destroyed) and they are well-versed in any compliance requirements as it relates to their data.
    • The data custodian role is formally defined and is given to the relevant IT expert. This is an individual with technical administrative and/or operational responsibility over data (e.g. a DBA).
    • A data governance steering committee exists and is comprised of well-defined roles, responsibilities, executive sponsors, business representatives, and IT experts.
    • The data governance steering committee works to provide oversight and enforce policies, procedures, and standards for governing data.
    • The data governance working group has cross-functional representation. This comprises business and IT representation, as well as project management and change management where applicable: data stewards, data custodians, business subject matter experts, PM, etc.).
    • Data governance meetings are coordinated and communicated about. The meeting agenda is always clear and concise, and meetings review pressing data-related issues. Meeting minutes are consistently documented and communicated.

    Sample: Business capabilities to data owner and data stewards mapping for a selected data domain

    Info-Tech Insight

    Your organisation's value streams and the associated business capabilities require effectively governed data. Without this, you face elevated operational costs, missed opportunities, eroded stakeholder satisfaction, and exposure to increased business risk.

    Enable business capabilities with data governance role definitions.

    Sample: Business capabilities to data owner and data stewards mapping for a selected data domain

    Consider your technology options:

    Make the available data governance tools and technology work for you:

    • Data catalogue
    • Business data glossary
    • Data lineage
    • Metadata management

    Logos of data governance tools and technology.

    These are some of the data governance tools and technology players. Check out SoftwareReviews for help making better software decisions.

    Make the data steward the catalyst for organisational change and driving data culture

    The data steward must be empowered and backed politically with decision-making authority, or the role becomes stale and powerless.

    Ensuring compliance can be difficult. Data stewards may experience pushback from stakeholders who must deliver on the policies, procedures, and processes that the data steward enforces.

    Because the data steward must enforce data processes and liaise with so many different people and departments within the organisation, the data steward role should be their primary full-time job function – where possible.

    However, in circumstances where budget doesn't allow a full-time data steward role, develop these skills within the organisation by adding data steward responsibilities to individuals who are already managing data sets for their department or line of business.

    Info-Tech Tip

    A stewardship role is generally more about managing the cultural change that data governance brings. This requires the steward to have exceptional interpersonal skills that will assist in building relationships across departmental boundaries and ensuring that all stakeholders within the organisation believe in the initiative, understand the anticipated outcomes, and take some level of responsibility for its success.

    Changes to organisational data processes are inevitable; have a communication plan in place to manage change

    Create awareness of your data governance program. Use knowledge transfer to get as many people on board as possible.

    Data governance initiatives must contain a strong organisational disruption component. A clear and concise communication strategy that conveys milestones and success stories will address the various concerns that business unit stakeholders may have.

    By planning for and efficiently communicating any changes that a data governance initiative may bring, many initial issues can be resolved from the outset.

    Governance recommendations will require significant business change. The redesign of a substantial number of data processes affecting various business units will require an overhaul of the organisation's culture, thought processes, and procedures surrounding its data. Preparing people for change well in advance will allow them to take the necessary steps to adapt and reduce potential confrontation.

    Because a data governance initiative will involve data-driven business units across the organisation, the governance team must present a compelling case for data governance to ensure acceptance of new processes, rules, guidelines, and technologies by all data producers and users.

    Attempting to implement change without an effective communication plan can result in disagreements over data control and stalemates between stakeholder units. The recommendations of the governance group must reflect the needs of all stakeholders or there will be pushback.

    Info-Tech Insight

    Launching a data governance initiative is guaranteed to disrupt the culture of the organisation. That disruption doesn't have to be detrimental if you are prepared to manage the change proactively and effectively.

    Create a common data governance vision that is consistently communicated to the organisation

    A data governance program should be an enterprise-wide initiative.

    To create a strong vision for data governance, there must be participation from the business and IT. A common vision will articulate the state the organisation wishes to achieve and how it will reach that state. Visioning helps to develop long-term goals and direction.

    Once the vision is established, it must be effectively communicated to everyone, especially those who are involved in creating, managing, disposing, or archiving data.

    The data governance program should be periodically refined. This will ensure the organisation continues to incorporate best methods and practices as the organisation grows and data needs evolve.

    Info-Tech Tips

    • Use information from the stakeholder interviews to derive business goals and objectives.
    • Work to integrate different opinions and perspectives into the overall vision for data governance.
    • Brainstorm guiding principles for data and understand the overall value to the organisation.

    Develop a compelling data governance communications plan to get all departmental lines of business on board

    A data governance program will impact all data-driven business units within the organisation.

    A successful data governance communications plan involves making the initiative visible and promoting staff awareness. Educate the team on how data is collected, distributed, and used, what internal processes use data, and how that data is used across departmental boundaries.

    By demonstrating how data governance will affect staff directly, you create a deeper level of understanding across lines of business, and ultimately, a higher level of acceptance for new processes, rules, and guidelines.

    A clear and concise communications strategy will raise the profile of data governance within the organisation, and staff will understand how the program will benefit them and how they can share in the success of the initiative. This will end up providing support for the initiative across the board.

    A proactive communications plan will:

    • Assist in overcoming issues with data control, stalemates between stakeholder units, and staff resistance.
    • Provide a formalised process for implementing new policies, rules, guidelines, and technologies, and managing organisational data.
    • Detail data ownership and accountability for decision making, and identify and resolve data issues throughout the organisation.
    • Encourage acceptance and support of the initiative.

    Info-Tech Tip

    Focus on literacy and communication: include training in the communication plan. Providing training for data users on the correct procedures for updating and verifying the accuracy of data, data quality, and standardised data policies will help validate how data governance will benefit them and the organisation.

    Leverage the data governance program to communicate and promote the value of data within the organisation

    The data governance program is responsible for continuously promoting the value of data to the organisation. The data governance program should seek a variety of ways to educate the organisation and data stakeholders on the benefit of data management.

    Even if data policies and procedures are created, they will be highly ineffective if they are not properly communicated to the data producers and users alike.

    There needs to be a communication plan that highlights how the data producer and user will be affected, what their new responsibilities are, and the value of that change.

    To learn how to manage organisational change, refer to Info-Tech's Master Organisational Change Management Practices.

    Understand what makes for an effective policy for data governance

    It can be difficult to understand what a policy is, and what it is not. Start by identifying the differences between a policy and standards, guidelines, and procedures.

    Diagram of an effective policy for data governance

    The following are key elements of a good policy:

    Heading Descriptions
    Purpose Describes the factors or circumstances that mandate the existence of the policy. Also states the policy's basic objectives and what the policy is meant to achieve.
    Scope Defines to whom and to what systems this policy applies. Lists the employees required to comply or simply indicates 'all' if all must comply. Also indicates any exclusions or exceptions, i.e. those people, elements, or situations that are not covered by this policy or where special consideration may be made.
    Definitions Define any key terms, acronyms, or concepts that will be used in the policy. A standard glossary approach is sufficient.
    Policy Statements Describe the rules that comprise the policy. This typically takes the form of a series of short prescriptive and proscriptive statements. Sub-dividing this section into sub-sections may be required depending on the length or complexity of the policy.
    Non-Compliance Clearly describe consequences (legal and/or disciplinary) for employee non-compliance with the policy. It may be pertinent to describe the escalation process for repeated non-compliance.
    Agreement Confirms understanding of the policy and provides a designated space to attest to the document.

    Leverage myPolicies, Info-Tech's web-based application for managing your policies and procedures

    Most organisations have problems with policy management. These include:

    1. Policies are absent or out of date
    2. Employees largely unaware of policies in effect
    3. Policies are unmonitored and unenforced
    4. Policies are in multiple locations
    5. Multiple versions of the same policy exist
    6. Policies managed inconsistently across different silos
    7. Policies are written poorly by untrained authors
    8. Inadequate policy training program
    9. Draft policies stall and lose momentum
    10. Weak policy support from senior management

    Technology should be used as a means to solve these problems and effectively monitor, enforce, and communicate policies.

    Product Overview

    myPolicies is a web-based solution to create, distribute, and manage corporate policies, procedures, and forms. Our solution provides policy managers with the tools they need to mitigate the risk of sanctions and reduce the administrative burden of policy management. It also enables employees to find the documents relevant to them and build a culture of compliance.

    Some key success factors for policy management include:

    • Store policies in a central location that is well known and easy to find and access. A key way that technology can help communicate policies is by having them published on a centralised website.
    • Link this repository to other policies' taxonomies of your organisation. E.g. HR policies to provide a single interface for employees to access guidance across the organisation.
    • Reassess policies annually at a minimum. myPolicies can remind you to update the organisation's policies at the appropriate time.
    • Make the repository searchable and easily navigable.
    • myPolicies helps you do all this and more.
    myPolicies logo myPolicies

    Enforce data policies to promote consistency of business processes

    Data policies are short statements that seek to manage the creation, acquisition, integrity, security, compliance, and quality of data. These policies vary amongst organisations, depending on your specific data needs.

    • Policies describe what to do, while standards and procedures describe how to do something.
    • There should be few data policies, and they should be brief and direct. Policies are living documents and should be continuously updated to respond to the organisation's data needs.
    • The data policies should highlight who is responsible for the data under various scenarios and rules around how to manage it effectively.

    Examples of Data Policies

    Trust

    • Data Cleansing and Quality Policy
    • Data Entry Policy

    Availability

    • Acceptable Use Policy
    • Data Backup Policy

    Security

    • Data Security Policy
    • Password Policy Template
    • User Authorisation, Identification, and Authentication Policy Template
    • Data Protection Policy

    Compliance

    • Archiving Policy
    • Data Classification Policy
    • Data Retention Policy

    Leverage data management-related policies to standardise your data management practices

    Info-Tech's Data Management Policy:

    This policy establishes uniform data management standards and identifies the shared responsibilities for assuring the integrity of the data and that it efficiently and effectively serves the needs of the organisation. This policy applies to all critical data and to all staff who may be creators and/or users of such data.

    Info-Tech's Data Entry Policy:

    The integrity and quality of data and evidence used to inform decision making is central to both the short-term and long-term health of an organisation. It is essential that required data be sourced appropriately and entered into databases and applications in an accurate and complete manner to ensure the reliability and validity of the data and decisions made based on the data.

    Info-Tech's Data Provenance Policy:

    Create policies to keep your data's value, such as:

    • Only allow entry of data from reliable sources.
    • Employees entering and accessing data must observe requirements for capturing/maintaining provenance metadata.
    • Provenance metadata will be used to track the lifecycle of data from creation through to disposal.

    Info-Tech's Data Integration and Virtualisation Policy:

    This policy aims to assure the organisation, staff, and other interested parties that data integration, replication, and virtualisation risks are taken seriously. Staff must use the policy (and supporting guidelines) when deciding whether to integrate, replicate, or virtualise data sets.

    Select the right mix of metrics to successfully supervise data policies and processes

    Policies are only as good as your level of compliance. Ensure supervision controls exist to oversee adherence to policies and procedures.

    Although they can be highly subjective, metrics are extremely important to data governance success.

    • Establishing metrics that measure the performance of a specific process or data set will:
      • Create a greater degree of ownership from data stewards and data owners.
      • Help identify underperforming individuals.
      • Allow the steering committee to easily communicate tailored objectives to individual data stewards and owners.
    • Be cautious when establishing metrics. The wrong metrics can have negative repercussions.
      • They will likely draw attention to an aspect of the process that doesn't align with the initial strategy.
      • Employees will work hard and grow frustrated as their successes aren't accurately captured.

    Policies are great to have from a legal perspective, but unless they are followed, they will not benefit the organisation.

    • One of the most useful metrics for policies is currency. This tracks how up to date the policy is and how often employees are informed about the policy. Often, a policy will be introduced and then ignored. Policies must be continuously reviewed by management and employees.
    • Some other metrics include adherence (including performance in tests for adherence) and impacts from non-adherence.

    Review metrics on an ongoing basis with those data owners/stewards who are accountable, the data governance steering committee, and the executive sponsors.

    Establish data standards and procedures for use across all organisational lines of business

    A data governance program will impact all data-driven business units within the organisation.

    • Data management procedures are the methods, techniques, and steps to accomplish a specific data objective. Creating standard data definitions should be one of the first tasks for a data governance steering committee.
    • Data moves across all departmental boundaries and lines of business within the organisation. These definitions must be developed as a common set of standards that can be accepted and used enterprise wide.
    • Consistent data standards and definitions will improve data flow across departmental boundaries and between lines of business.
    • Ensure these standards and definitions are used uniformly throughout the organisation to maintain reliable and useful data.

    Data standards and procedural guidelines will vary from company to company.

    Examples include:

    • Data modelling and architecture standards.
    • Metadata integration and usage procedures.
    • Data security standards and procedures.
    • Business intelligence standards and procedures.

    Info-Tech Tip

    Have a fundamental data definition model for the entire business to adhere to. Those in the positions that generate and produce data must follow the common set of standards developed by the steering committee and be accountable for the creation of valid, clean data.

    Changes to organisational data processes are inevitable; have a communications plan in place to manage change

    Create awareness of your data governance program, using knowledge transfer to get as many people on board as possible.

    By planning for and efficiently communicating any changes that a data governance initiative may bring, many initial issues can be resolved from the outset.

    Governance recommendations will require significant business change. The redesign of a substantial number of data processes affecting various business units will require an overhaul of the organisation's culture, thought processes, and procedures surrounding its data. Preparing people for change well in advance will allow them to take the necessary steps to adapt and reduce potential confrontation.

    Because a data governance initiative will involve data-driven business units across the organisation, the governance team must present a compelling case for data governance to ensure acceptance of new processes, rules, guidelines, and technologies by all data producers and users.

    Attempting to implement change without an effective communications plan can result in disagreements over data control and stalemates between stakeholder units. The recommendations of the governance group must reflect the needs of all stakeholders or there will be pushback.

    Data governance initiatives will very likely bring about a level of organisational disruption. A clear and concise communications strategy that conveys milestones and success stories will address the various concerns that business unit stakeholders may have.

    Info-Tech Tip

    Launching a data governance program will bring with it a level of disruption to the culture of the organisation. That disruption doesn't have to be detrimental if you are prepared to manage the change proactively and effectively.

    Other Deliverables:

    The list of supporting deliverables will help to kick start on some of the Data Governance initiatives

    • Data Classification Policy, Standard, and Procedure
    • Data Quality Policy, Standard, and Procedure
    • Metadata Management Policy, Standard, and Procedure
    • Data Retention Policy and Procurement

    Screenshot from Data Classification Policy, Standard, and Procedure

    Data Classification Policy, Standard, and Procedure

    Screenshot from Data Retention Policy and Procedure

    Data Retention Policy and Procedure

    Screenshot from Metadata Management Policy, Standard, and Procedure

    Metadata Management Policy, Standard, and Procedure

    Screenshot from Data Quality Policy, Standard, and Procedure

    Data Quality Policy, Standard, and Procedure

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop.

    Picture of analyst

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team. Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Screenshot of example data governance strategy map.

    Build Your Business and User Context

    Work with your core team of stakeholders to build out your data governance strategy map, aligning data governance initiatives with business capabilities, value streams, and, ultimately, your strategic priorities.

    Screenshot of Data governance roadmap

    Formulate a Plan to Get to Your Target State

    Develop a data governance future state roadmap and plan based on an understanding of your current data governance capabilities, your operating environment, and the driving needs of your business.

    Related Info-Tech Research

    Build a Robust and Comprehensive Data Strategy

    Key to building and fostering a data-driven culture.

    Create a Data Management Roadmap

    Streamline your data management program with our simplified framework.

    The First 100 Days as CDO

    Be the voice of data in a time of transformation.

    Research Contributors

    Name Position Company
    David N. Weber Executive Director - Planning, Research and Effectiveness Palm Beach State College
    Izabela Edmunds Information Architect Mott MacDonald
    Andy Neill Practice Lead, Data & Analytics Info-Tech Research Group
    Dirk Coetsee Research Director, Data & Analytics Info-Tech Research Group
    Graham Price Executive Advisor, Advisory Executive Services Info-Tech Research Group
    Igor Ikonnikov Research Director, Data & Analytics Info-Tech Research Group
    Jean Bujold Senior Workshop Delivery Director Info-Tech Research Group
    Rajesh Parab Research Director, Data & Analytics Info-Tech Research Group
    Reddy Doddipalli Senior Workshop Director Info-Tech Research Group
    Valence Howden Principal Research Director, CIO Info-Tech Research Group

    Bibliography

    Alation. “The Alation State of Data Culture Report – Q3 2020.” Alation, 2020. Accessed 25 June 2021.

    Allott, Joseph, et al. “Data: The Next Wave in Forestry Productivity.” McKinsey & Company, 27 Oct. 2020. Accessed 25 June 2021.

    Bean, Randy. “Why Culture Is the Greatest Barrier to Data Success.” MIT Sloan Management Review, 30 Sept. 2020. Accessed 25 June 2021.

    Brence, Thomas. “Overcoming the Operationalization Challenge With Data Governance at New York Life.” Informatica, 18 March 2020. Accessed 25 June 2021.

    Bullmore, Simon, and Stuart Coleman. “ODI Inside Business – A Checklist for Leaders.” Open Data Institute, 19 Oct. 2020. Accessed 25 June 2021.

    Canadian Institute for Health Information. “Developing and Implementing Accurate National Standards for Canadian Health Care Information.” Canadian Institute for Health Information. Accessed 25 June 2021.

    Carruthers, Caroline, and Peter Jackson. “The Secret Ingredients of the Successful CDO.” IRM UK Connects, 23 Feb. 2017.

    Dashboards. “Useful KPIs for Healthy Hospital Quality Management.” Dashboards. Accessed 25 June 2021.

    Dashboards. “Why (and How) You Should Improve Data Literacy in Your Organization Today.” Dashboards. Accessed 25 June 2021.

    Datapine. “Healthcare Key Performance Indicators and Metrics.” Datapine. Accessed 25 June 2021.

    Datapine. “KPI Examples & Templates: Measure what matters the most and really impacts your success.” Datapine. Accessed 25 June 2021.

    Diaz, Alejandro, et al. “Why Data Culture Matters.” McKinsey Quarterly, Sept. 2018. Accessed 25 June 2021.

    Everett, Dan. “Chief Data Officer (CDO): One Job, Four Roles.” Informatica, 9 Sept. 2020. Accessed 25 June 2021.

    Experian. “10 Signs You Are Sitting On A Pile Of Data Debt.” Experian. Accessed 25 June 2021.

    Fregoni, Silvia. “New Research Reveals Why Some Business Leaders Still Ignore the Data.” Silicon Angle, 1 Oct. 2020

    Informatica. Holistic Data Governance: A Framework for Competitive Advantage. Informatica, 2017. Accessed 25 June 2021.

    Knight, Michelle. “What Is a Data Catalog?” Dataversity, 28 Dec. 2017. Web.

    Lim, Jason. “Alation 2020.3: Getting Business Users in the Game.” Alation, 2020. Accessed 25 June 2021.

    McDonagh, Mariann. “Automating Data Governance.” Erwin, 29 Oct. 2020. Accessed 25 June 2021.

    NewVantage Partners. Data-Driven Business Transformation: Connecting Data/AI Investment to Business Outcomes. NewVantage Partners, 2020. Accessed 25 June 2021.

    Olavsrud, Thor. “What Is Data Governance? A Best Practices Framework For Managing Data Assets.” CIO.com, 18 March 2021. Accessed 25 June 2021.

    Open Data Institute. “Introduction to Data Ethics and the Data Ethics Canvas.” Open Data Institute, 2020. Accessed 25 June 2021.

    Open Data Institute. “The UK National Data Strategy 2020: Doing Data Ethically.” Open Data Institute, 17 Nov. 2020. Accessed 25 June 2021.

    Open Data Institute. “What Is the Data Ethics Canvas?” Open Data Institute, 3 July 2019. Accessed 25 June 2021.

    Pathak, Rahul. “Becoming a Data-Driven Enterprise: Meeting the Challenges, Changing the Culture.” MIT Sloan Management Review, 28 Sept. 2020. Accessed 25 June 2021.

    Petzold, Bryan, et al. “Designing Data Governance That Delivers Value.” McKinsey & Company, 26 June 2020. Accessed 25 June 2021.

    Redman, Thomas, et al. “Only 3% of Companies’ Data Meets Basic Quality Standards.” Harvard Business Review. 11 Sept 2017.

    Smaje, Kate. “How Six Companies Are Using Technology and Data To Transform Themselves.” McKinsey & Company, 12 Aug. 2020. Accessed 25 June 2021.

    Talend. “The Definitive Guide to Data Governance.” Talend. Accessed 25 June 2021.

    “The Powerfully Simple Modern Data Catalog.” Atlan, 2021. Web.

    U.S. Geological Survey. “Data Management: Data Standards.” U.S. Geological Survey. Accessed 25 June 2021.

    Waller, David. “10 Steps to Creating a Data-Driven Culture.” Harvard Business Review, 6 Feb. 2020. Accessed 25 June 2021.

    “What Is the Difference Between A Business Glossary, A Data Dictionary, and A Data Catalog, and How Do They Play A Role In Modern Data Management?” Analytics8, 23 June 2021. Web.

    Wikipedia. “RFM (Market Research).” Wikipedia. Accessed 25 June 2021.

    Windheuser, Christoph, and Nina Wainwright. “Data in a Modern Digital Business.” Thoughtworks, 12 May 2020. Accessed 25 June 2021.

    Wright, Tom. “Digital Marketing KPIs - The 12 Key Metrics You Should Be Tracking.” Cascade, 3 March 2021. Accessed 25 June 2021.

    Create a Right-Sized Enterprise Architecture Governance Framework

    • Buy Link or Shortcode: {j2store}582|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $10,000 Average $ Saved
    • member rating average days saved: 5 Average Days Saved
    • Parent Category Name: Strategy & Operating Model
    • Parent Category Link: /strategy-and-operating-model
    • EA governance is perceived as an unnecessary layer of bureaucracy because business benefits are poorly communicated.
    • The organization doesn’t have a formalized EA practice.
    • Where an EA practice exists, employees are unsure of EA’s roles and responsibilities.

    Our Advice

    Critical Insight

    • Enterprise architecture is not a technical function – it should be business-value driven and forward looking, positioning organizational assets in favor of long-term strategy rather than short-term tactics.

    Impact and Result

    • Value-focused. Focus EA governance on helping the organization achieve business benefits. Promote EA’s contribution in realizing business value.
    • Right-sized. Re-use existing process checkpoints rather than creating new ones. Clearly define EA governance inclusion criteria for projects.
    • Defined and measured process. Define metrics to measure EA’s performance and integrate EA governance with other governance processes such as project governance. Also clearly define the EA governing bodies’ composition, domain, inputs, and outputs.
    • Strike the right balance. Adopt architecture principles that strikes the right balance between business and technology.

    Create a Right-Sized Enterprise Architecture Governance Framework Research & Tools

    Start here – read the Executive Brief

    Read our Executive Brief to find out how implementing a successful enterprise architecture governance framework can benefit your organization.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Current State of EA Governance

    Identify the organization’s standing in terms of the enterprise architecture practice, and know the gaps and what the EA practice needs to fulfill to create a good governance framework.

    • Create a Right-Sized Enterprise Architecture Governance Framework – Phase 1: Current State of EA Governance
    • EA Capability – Risk and Complexity Assessment Tool
    • EA Governance Assessment Tool

    2. EA Fundamentals

    Understand the EA fundamentals and then refresh them to better align the EA practice with the organization and create business benefit.

    • Create a Right-Sized Enterprise Architecture Governance Framework – Phase 2: EA Fundamentals
    • EA Vision and Mission Template
    • EA Goals and Measures Template
    • EA Principles Template

    3. Engagement Model

    Analyze the IT operating model and identify EA’s role at each stage; refine it to promote effective EA engagement upfront in the early stages of the IT operating model.

    • Create a Right-Sized Enterprise Architecture Governance Framework – Phase 3: Engagement Model
    • EA Engagement Model Template

    4. EA Governing Bodies

    Set up EA governing bodies to provide guidance and foster a collaborative environment by identifying the correct number of EA governing bodies, defining the game plan to initialize the governing bodies, and creating an architecture review process.

    • Create a Right-Sized Enterprise Architecture Governance Framework – Phase 4: EA Governing Bodies
    • Architecture Board Charter Template
    • Architecture Review Process Template

    5. EA Policy

    Create an EA policy to provide a set of guidelines designed to direct and constrain the architecture actions of the organization in the pursuit of its goals in order to improve architecture compliance and drive business value.

    • Create a Right-Sized Enterprise Architecture Governance Framework – Phase 5: EA Policy
    • EA Policy Template
    • EA Assessment Checklist Template
    • EA Compliance Waiver Process Template
    • EA Compliance Waiver Form Template

    6. Architectural Standards

    Define architecture standards to facilitate information exchange, improve collaboration, and provide stability. Develop a process to update the architectural standards to ensure relevancy and promote process transparency.

    • Create a Right-Sized Enterprise Architecture Governance Framework – Phase 6: Architectural Standards
    • Architecture Standards Update Process Template

    7. Communication Plan

    Craft a plan to engage the relevant stakeholders, ascertain the benefits of the initiative, and identify the various communication methods in order to maximize the chances of success.

    • Create a Right-Sized Enterprise Architecture Governance Framework – Phase 7: Communication Plan
    • EA Governance Communication Plan Template
    • EA Governance Framework Template
    [infographic]

    Workshop: Create a Right-Sized Enterprise Architecture Governance Framework

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Current State of EA governance (Pre-workshop)

    The Purpose

    Conduct stakeholder interviews to understand current state of EA practice and prioritize gaps for EA governance based on organizational complexity.

    Key Benefits Achieved

    Prioritized list of actions to arrive at the target state based on the complexity of the organization

    Activities

    1.1 Determine organizational complexity.

    1.2 Conduct an assessment of the EA governance components.

    1.3 Identify and prioritize gaps.

    1.4 Conduct senior management interviews.

    Outputs

    Organizational complexity score

    EA governance current state and prioritized list of EA governance component gaps

    Stakeholder perception of the EA practice

    2 EA Fundamentals and Engagement Model

    The Purpose

    Refine EA fundamentals to align the EA practice with the organization and identify EA touchpoints to provide guidance for projects.

    Key Benefits Achieved

    Alignment of EA goals and objectives with the goals and objectives of the organization

    Early involvement of EA in the IT operating model

    Activities

    2.1 Review the output of the organizational complexity and EA assessment tools.

    2.2 Craft the EA vision and mission.

    2.3 Develop the EA principles.

    2.4 Identify the EA goals.

    2.5 Identify EA engagement touchpoints within the IT operating model.

    Outputs

    EA vision and mission statement

    EA principles

    EA goals and measures

    Identified EA engagement touchpoints and EA level of involvement

    3 EA Governing Bodies

    The Purpose

    Set up EA governing bodies to provide guidance and foster a collaborative environment by identifying the correct number of EA governing bodies, defining the game plan to initialize the governing bodies and creating an architecture review process.

    Key Benefits Achieved

    Business benefits are maximized and solution design is within the options set forth by the architectural reference models while no additional layers of bureaucracy are introduced

    Activities

    3.1 Identify the number of governing bodies.

    3.2 Define the game plan to initialize the governing bodies.

    3.3 Define the architecture review process.

    Outputs

    Architecture board structure and coverage

    Identified architecture review template

    4 EA Policy

    The Purpose

    Create an EA policy to provide a set of guidelines designed to direct and constrain the architecture actions of the organization in the pursuit of its goals in order to improve architecture compliance and drive business value.

    Key Benefits Achieved

    Improved architecture compliance, which ties investments to business value and provides guidance to architecture practitioners

    Activities

    4.1 Define the scope.

    4.2 Identify the target audience.

    4.3 Determine the inclusion and exclusion criteria.

    4.4 Craft an assessment checklist.

    Outputs

    Defined scope

    Inclusion and exclusion criteria for project review

    Architecture assessment checklist

    5 Architectural Standards and Communication Plan

    The Purpose

    Define architecture standards to facilitate information exchange, improve collaboration, and provide stability.

    Craft a communication plan to implement the new EA governance framework in order to maximize the chances of success.

    Key Benefits Achieved

    Consistent development of architecture, increased information exchange between stakeholders

    Improved process transparency

    Improved stakeholder engagement

    Activities

    5.1 Identify and standardize EA work products.

    5.2 Classifying the architectural standards.

    5.3 Identifying the custodian of standards.

    5.4 Update the standards.

    5.5 List the changes identified in the EA governance initiative

    5.6 Create a communication plan.

    Outputs

    Identified set of EA work products to standardize

    Architecture information taxonomy

    Identified set of custodian of standards

    Standard update process

    List of EA governance initiatives

    Communication plan for EA governance initiatives

    Further reading

    Create a Right-Sized Enterprise Architecture Governance Framework

    Focus on process standardization, repeatability, and sustainability.

    ANALYST PERSPECTIVE

    "Enterprise architecture is not a technology concept, rather it is the foundation on which businesses orient themselves to create and capture value in the marketplace. Designing architecture is not a simple task and creating organizations for the future requires forward thinking and rigorous planning.

    Architecture processes that are supposed to help facilitate discussions and drive option analysis are often seen as an unnecessary overhead. The negative perception is due to enterprise architecture groups being overly prescriptive rather than providing a set of options that guide and constrain solutions at the same time.

    EA groups should do away with the direct and control mindset and change to a collaborate and mentor mindset. As part of the architecture governance, EA teams should provide an option set that constrains design choices, and also be open to changes to standards or best practices. "

    Gopi Bheemavarapu, Sr. Manager, CIO Advisory Info-Tech Research Group

    Our understanding of the problem

    This Research Is Designed For:

    • CIO
    • IT Leaders
    • Business Leaders
    • Head of Enterprise Architecture
    • Enterprise Architects
    • Domain Architects
    • Solution Architects

    This Research Will Help You:

    • Understand the importance of enterprise architecture (EA) governance and how to apply it to guide architectural decisions.
    • Enhance your understanding of the organization’s current EA governance and identify areas for improvement.
    • Optimize your EA engagement model to maximize value creation.
    • Learn how to set up the optimal number of governance bodies in order to avoid bureaucratizing the organization.

    This Research Will Also Assist:

    • Business Relationship Managers
    • Business Analysts
    • IT Managers
    • Project Managers
    • IT Analysts
    • Quality Assurance Leads
    • Software Developers

    This Research Will Help Them:

    • Give an overview of enterprise architecture governance
    • Clarity on the role of enterprise architecture team

    Executive summary

    Situation

    • Deployed solutions do not meet business objectives resulting in expensive and extensive rework.
    • Each department acts independently without any regular EA touchpoints.
    • Organizations practice project-level architecture as opposed to enterprise architecture.

    Complication

    • EA governance is perceived as an unnecessary layer of bureaucracy because business benefits are poorly communicated.
    • The organization doesn’t have a formalized EA practice.
    • Where an EA practice exists, employees are unsure of EA’s roles and responsibilities.

    Resolution

    • Value-focused. Focus EA governance on helping the organization achieve business benefits. Promote EA’s contribution in realizing business value.
    • Right-sized. Re-use existing process checkpoints, rather than creating new ones. Clearly define EA governance inclusion criteria for projects.
    • Defined and measured process. Define metrics to measure EA’s performance and integrate EA governance with other governance processes such as project governance. Also clearly define the EA governing bodies’ composition, domain, inputs, and outputs.
    • Strike the right balance. Adopt architecture principles that strikes the right balance between business and technology imperatives.

    Info-Tech Insight

    Enterprise architecture is critical to ensuring that an organization has the solid IT foundation it needs to efficiently enable the achievement of its current and future strategic goals rather than focusing on short-term tactical gains.

    What is enterprise architecture governance?

    An architecture governance process is the set of activities an organization executes to ensure that decisions are made and accountability is enforced during the execution of its architecture strategy. (Hopkins, “The Essential EA Toolkit.”)

    EA governance includes the following:

    • Implement a system of controls over the creation and monitoring of all architectural components.
    • Ensure effective introduction, implementation, and evolution of architectures within the organization.
    • Implement a system to ensure compliance with internal and external standards and regulatory obligations.
    • Develop practices that ensure accountability to a clearly identified stakeholder community, both inside and outside the organization.

    (TOGAF)

    IT governance sets direction through prioritization and decision making, and monitors overall IT performance.

    The image shows a circle set within a larger circle. The inner circle is connected to the bottom of the larger circle. The inner circle is labelled EA Governance and the larger circle is labelled IT Governance.

    EA governance ensures that optimal architectural design choices are being made that focus on long-term value creation.

    Harness the benefits of an optimized EA governance

    Core benefits of EA governance are seen through:

    Value creation

    Effective EA governance ensures alignment between organizational investments and corporate strategic goals and objectives.

    Cost reduction

    Architecture standards provide guidance to identify opportunities for reuse and eliminate redundancies in an organization.

    Risk optimization

    Architecture review processes and assessment checklists ensure that solutions are within the acceptable risk levels of the organization.

    EA governance is difficult to structure appropriately, but having an effective structure will allow you to:

    • Achieve business strategy through faster time-to-market innovations and capabilities.
    • Reduced transaction costs with more consistent business processes and information across business units.
    • Lower IT costs due to better traceability, faster design, and lower risk.
    • Link IT investments to organizational strategies and objectives
    • Integrate and institutionalizes IT best practices.
    • Enable the organization to take full advantage of its information, infrastructure, and hardware and software assets.
    • Support regulatory as well as best practice requirements such as auditability, security, responsibility, and accountability.

    Organizations that have implemented EA governance realize greater benefits from their EA programs

    Modern day CIOs of high-performing organizations use EA as a strategic planning discipline to improve business-IT alignment, enable innovation, and link business and IT strategies to execution.

    Recent Info-Tech research found that organizations that establish EA governance realize greater benefits from their EA initiatives.

    The image shows a bar graph, with Impact from EA on the Y-axis, and different initiatives listed on the X-axis. Each initiative has two bars connected to it, with a blue bar representing answers of No and the grey bar representing answers of Yes.

    (Info-Tech Research Group, N=89)

    Measure EA governance implementation effectiveness

    Define key operational measures for internal use by IT and EA practitioners. Also, define business value measures that communicate and demonstrate the value of EA as an “enabler” of business outcomes to senior executives.

    EA performance measures (lead, operational) EA value measures (lag)
    Application of EA management process EA’s contribution to IT performance EA’s contribution to business value

    Enterprise Architecture Management

    • Number of months since the last review of target state EA blueprints.

    IT Investment Portfolio Management

    • Percentage of projects that were identified and proposed by EA.

    Solution Development

    • Number of projects that passed EA reviews.
    • Number of building blocks reused.

    Operations Management

    • Reduction in the number of applications with overlapping functionality.

    Business Value

    • Lower non-discretionary IT spend.
    • Decreased time to production.
    • Higher satisfaction of IT-enabled services.

    An insurance provider adopts a value-focused, right-sized EA governance program

    CASE STUDY

    Industry Insurance

    Source Info-Tech

    Situation

    The insurance sector has been undergoing major changes, and as a reaction, businesses within the sector have been embracing technology to provide innovative solutions.

    The head of EA in a major insurance provider (henceforth to be referred to as “INSPRO01”) was given the mandate to ensure that solutions are architected right the first time to maximize reuse and reduce technology debt. The EA group was at a critical point – to demonstrate business value or become irrelevant.

    Complication

    The project management office had been accountable for solution architecture and had placed emphasis on short-term project cost savings at the expense of long term durability.

    There was a lack of awareness of the Enterprise Architecture group within INSPRO01, and people misunderstood the roles and responsibilities of the EA team.

    Result

    Info-Tech helped define the responsibilities of the EA team and clarify the differences between the role of a Solution Architect vs. Enterprise Architect.

    The EA team was able to make the case for change in the project management practices to ensure architectures are reviewed and approved prior to implementation.

    As a result, INSPRO01 saw substantial increases in reuse opportunities and thereby derived more value from its technology investments.

    Success factors for EA governance

    The success of any EA governance initiative revolves around adopting best practices, setting up repeatable processes, and establishing appropriate controls.

    1. Develop best practices for managing architecture policies, procedures, roles, skills, and organizational structures.
    2. Establish organizational responsibilities and structures to support the architecture governance processes.
    3. Management of criteria for the control of the architecture governance processes, dispensations, compliance assessments, and SLAs.

    Info-Tech’s approach to EA governance

    Our best-practice approach is grounded in TOGAF and enhanced by the insights and guidance from our analysts, industry experts, and our clients.

    Value-focused. Focus EA governance on helping the organization achieve business benefits. Promote EA’s contribution in realizing business value.

    Right-sized. Insert EA governance into existing process checkpoints rather than creating new ones. Clearly define EA governance inclusion criteria for projects.

    Measured. Define metrics to measure EA’s performance, and integrate EA governance with other governance processes such as project governance. Also clearly define the EA governing bodies’ composition, domain, inputs, and outputs.

    Balanced. Adopt architecture principles that strikes the right balance between business and technology.

    Info-Tech’s EA governance framework

    Info-Tech’s architectural governance framework provides a value-focused, right-sized approach with a strong emphasis on process standardization, repeatability, and sustainability.

    1. Current state of EA governance
    2. EA fundamentals
    3. Engagement model
    4. EA governing bodies
    5. EA policy
    6. Architectural standards
    7. Communication Plan

    Use Info-Tech’s templates to complete this project

    1. Current state of EA governance
      • EA Capability - Risk and Complexity Assessment Tool
      • EA Governance Assessment Tool
    2. EA fundamentals
      • EA Vision and Mission Template
      • EA Goals and Measures Template
      • EA Principles Template
    3. Engagement model
      • EA Engagement Model Template
    4. EA governing bodies
      • Architecture Board Charter Template
      • Architecture Review Process Template
    5. EA policy
      • EA Policy Template
      • Architecture Assessment Checklist Template
      • Compliance Waiver Process Template
      • Compliance Waiver Form Template
    6. Architectural standards
      • Architecture Standards Update Process Template
    7. Communication Plan
      • EA Governance Communication Plan Template
      • EA Governance Framework Template

    As you move through the project, capture your progress with a summary in the EA Governance Framework Template.

    Download the EA Governance Framework Template document for use throughout this project.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    EA governance framework – phase-by-phase outline (1/2)

    Current state of EA governance EA Fundamentals Engagement Model EA Governing Bodies
    Best-Practice Toolkit

    1.1 Determine organizational complexity

    1.2 Conduct an assessment of the EA governance components

    1.3 Identify and prioritize gaps

    2.1 Craft the EA vision and mission

    2.2 Develop the EA principles

    2.3 Identify the EA goals

    3.1 Build the case for EA engagement

    3.2 Identify engagement touchpoints within the IT operating model

    4.1 Identify the number of governing bodies

    4.2 Define the game plan to initialize the governing bodies

    4.3 Define the architecture review process

    Guided Implementations
    • Determine organizational complexity
    • Assess current state of EA governance
    • Develop the EA fundamentals
    • Review the EA fundamentals
    • Review the current IT operating model
    • Determine the target engagement model
    • Identify architecture boards and develop charters
    • Develop an architecture review process

    Phase 1 Results:

    • EA Capability - risk and complexity assessment
    • EA governance assessment

    Phase 2 Results:

    • EA vision and mission
    • EA goals and measures
    • EA principles

    Phase 3 Results:

    • EA engagement model

    Phase 4 Results:

    • Architecture board charter
    • Architecture review process

    EA governance framework – phase-by-phase outline (2/2)

    EA Policy Architectural Standards Communication Plan
    Best-Practice Toolkit

    5.1 Define the scope of EA policy

    5.2 Identify the target audience

    5.3 Determine the inclusion and exclusion criteria

    5.4 Craft an assessment checklist

    6.1 Identify and standardize EA work products

    6.2 Classify the architectural standards

    6.3 Identify the custodian of standards

    6.4 Update the standards

    7.1 List the changes identified in the EA governance initiative

    7.2 Identify stakeholders

    7.3 Create a communication plan

    Guided Implementations
    • EA policy, assessment checklists, and decision types
    • Compliance waivers
    • Understand architectural standards
    • EA repository and updating the standards
    • Create a communication plan
    • Review the communication plan

    Phase 5 Results:

    • EA policy
    • Architecture assessment checklist
    • Compliance waiver process
    • Compliance waiver form

    Phase 6 Results:

    • Architecture standards update process

    Phase 7 Results:

    • Communication plan
    • EA governance framework

    Workshop overview

    Contact your account representative or email Workshops@InfoTech.com for more information.

    Pre-workshopWorkshop Day 1Workshop Day 2Workshop Day 3Workshop Day 4
    ActivitiesCurrent state of EA governance EA fundamentals and engagement model EA governing bodies EA policy Architectural standards and

    communication plan

    1.1 Determine organizational complexity

    1.2 Conduct an assessment of the EA governance components

    1.3 Identify and prioritize gaps

    1.4 Senior management interviews

    1. Review the output of the organizational complexity and EA assessment tools
    2. Craft the EA vision and mission
    3. Develop the EA principles.
    4. Identify the EA goals
    5. Identify EA engagement touchpoints within the IT operating model
    1. Identify the number of governing bodies
    2. Define the game plan to initialize the governing bodies
    3. Define the architecture review process
    1. Define the scope
    2. Identify the target audience
    3. Determine the inclusion and exclusion criteria
    4. Craft an assessment checklist
    1. Identify and standardize EA work products
    2. Classifying the architectural standards
    3. Identifying the custodian of standards
    4. Updating the standards
    5. List the changes identified in the EA governance initiative
    6. Identify stakeholders
    7. Create a communication plan
    Deliverables
    1. EA Capability - risk and complexity assessment tool
    2. EA governance assessment tool
    1. EA vision and mission template
    2. EA goals and measures template
    3. EA principles template
    4. EA engagement model template
    1. Architecture board charter template
    2. Architecture review process template
    1. EA policy template
    2. Architecture assessment checklist template
    3. Compliance waiver process template
    4. Compliance waiver form template
    1. Architecture standards update process template
    2. Communication plan template

    Phase 1

    Current State of EA Governance

    Create a Right-Sized Enterprise Architecture Governance Framework

    Current State of EA Governance

    1. Current State of EA Governance
    2. EA Fundamentals
    3. Engagement Model
    4. EA Governing Bodies
    5. EA Policy
    6. Architectural Standards
    7. Communication Plan

    This phase will walk you through the following activities:

    • Determine organizational complexity
    • Conduct an assessment of the EA governance components
    • Identify and prioritize gaps

    This step involves the following participants:

    • CIO
    • IT Leaders
    • Business Leaders
    • Head of Enterprise Architecture
    • Enterprise Architects
    • Domain Architects
    • Solution Architects

    Outcomes of this step

    • Prioritized list of gaps

    Info-Tech Insight

    Correlation is not causation – an apparent problem might be a symptom rather than a cause. Assess the organization’s current EA governance to discover the root cause and go beyond the symptoms.

    Phase 1 guided implementation outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 1: Current State of EA Governance

    Proposed Time to Completion: 2 weeks

    Step 1.1: Determine organizational complexity

    Start with an analyst kick-off call:

    • Discuss how to use Info-Tech’s EA Capability – Risk and Complexity Assessment Tool.
    • Discuss how to complete the inputs on the EA Governance Assessment Tool.

    Then complete these activities…

    • Conduct an assessment of your organization to determine its complexity.
    • Assess the state of EA governance within your organization.

    With these tools & templates:

    • EA Capability – Risk and Complexity Assessment Tool
    • EA Governance Assessment Tool

    Step 1.2: Assess current state of EA governance

    Start with an analyst kick-off call:

    • Review the output of the EA governance assessment and gather feedback on your goals for the EA practice.

    Then complete these activities…

    • Discuss whether you are ready to proceed with the project.
    • Review the list of tasks and plan your next steps.

    With these tools & templates:

    • EA Governance Assessment Tool

    Right-size EA governance based on organizational complexity

    Determining organizational complexity is not rocket science. Use Info-Tech’s tool to quantify the complexity and use it, along with common sense, to determine the appropriate level of architecture governance.

    Info-Tech’s methodology uses six factors to determine the complexity of the organization:

    1. The size of the organization, which can often be denoted by the revenue, headcount, number of applications in use, and geographical diversity.
    2. The solution alignment factor helps indicate the degree to which various projects map to the organization’s strategy.
    3. The size and complexity of the IT infrastructure and networks.
    4. The portfolio of applications maintained by the IT organization.
    5. Key changes within the organization such as M&A, regulatory changes, or a change in business or technology leadership.
    6. Other negative influences that can adversely affect the organization.

    Determine your organization’s level of complexity

    1.1 2 hours

    Input

    • Group consensus on the current state of EA competencies.

    Output

    • A list of gaps that need to be addressed for EA governance competencies.

    Materials

    • Info-Tech’s EA assessment tool, a computer, and/or a whiteboard and marker.

    Participants

    • EA team, business line leads, IT department leads.

    The image shows a screenshot of the Table of Contents with the EA Capability section highlighted.

    Step 1 - Facilitate

    Download the EA Capability – Risk and Complexity Assessment Tool to facilitate a session on determining your organization’s complexity.

    Download EA Organizational - Risk and Complexity Assessment Tool

    Step 2 - Summarize

    Summarize the results in the EA governance framework document.

    Update the EA Governance Framework Template

    Understand the components of effective EA governance

    EA governance is multi-faceted and it facilitates effective use of resources to meet organizational strategic objectives through well-defined structural elements.

    EA Governance

    • Fundamentals
    • Engagement Model
    • Policy
    • Governing Bodies
    • Architectural Standards

    Components of architecture governance

    1. EA vision, mission, goals, metrics, and principles that provide a direction for the EA practice.
    2. An engagement model showing where and in what fashion EA is engaged in the IT operating model.
    3. An architecture policy formulated and enforced by the architectural governing bodies to guide and constrain architectural choices in pursuit of strategic goals.
    4. Governing bodies to assess projects for compliance and provide feedback.
    5. Architectural standards that codify the EA work products to ensure consistent development of architecture.

    Next Step: Based on the organization’s complexity, conduct a current state assessment of EA governance using Info-Tech’s EA Governance Assessment Tool.

    Assess the components of EA governance in your organization

    1.2 2 hrs

    Input

    • Group consensus on the current state of EA competencies.

    Output

    • A list of gaps that need to be addressed for EA governance competencies.

    Materials

    • Info-Tech’s EA assessment tool, a computer, and/or a whiteboard and marker.

    Participants

    • EA team, business line leads, IT department leads.

    The image shows a screenshot of the Table of Contents with the EA Governance section highlighted.

    Step 1 - Facilitate

    Download the “EA Governance Assessment Tool” to facilitate a session on identifying the best practices to be applied in your organization.

    Download Info-Tech’s EA Governance Assessment Tool

    Step 2 - Summarize

    Summarize the identified best practices in the EA governance framework document.

    Update the EA Governance Framework Template


    Conduct a current state assessment to identify limitations of the existing EA governance framework

    CASE STUDY

    Industry Insurance

    Source Info-Tech

    Situation

    INSPRO01 was planning a major transformation initiative. The organization determined that EA is a strategic function.

    The CIO had pledged support to the EA group and had given them a mandate to deliver long-term strategic architecture.

    The business leaders did not trust the EA team and believed that lack of business skills in the group put the business transformation at risk.

    Complication

    The EA group had been traditionally seen as a technology organization that helps with software design.

    The EA team lacked understanding of the business and hence there had been no common language between business and technology.

    Result

    Info-Tech helped the EA team create a set of 10 architectural principles that are business-value driven rather than technical statements.

    The team socialized the principles with the business and technology stakeholders and got their approvals.

    By applying the business focused architectural principles, the EA team was able to connect with the business leaders and gain their support.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Key Activities

    • Determine organizational complexity.
    • Conduct an assessment of the EA governance components.
    • Identify and prioritize gaps.

    Outcomes

    • Organizational complexity assessment
    • EA governance capability assessment
    • A prioritized list of capability gaps

    Phase 2

    EA Fundamentals

    Create a Right-Sized Enterprise Architecture Governance Framework

    EA Fundamentals

    1. Current State of EA Governance
    2. EA Fundamentals
    3. Engagement Model
    4. EA Governing Bodies
    5. EA Policy
    6. Architectural Standards
    7. Communication Plan

    This phase will walk you through the following activities:

    • Craft the EA vision and mission
    • Develop the EA principles.
    • Identify the EA goals

    This step involves the following participants:

    • CIO
    • IT Leaders
    • Business Leaders
    • Head of Enterprise Architecture
    • Enterprise Architects
    • Domain Architects
    • Solution Architects

    Outcomes of this step

    • Refined set of EA fundamentals to support the building of EA governance

    Info-Tech Insight

    A house divided against itself cannot stand – ensure that the EA fundamentals are aligned with the organization’s goals and objectives.

    Phase 2 guided implementation outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 2: EA Fundamentals

    Proposed Time to Completion: 3 weeks

    Step 2.1: Develop the EA fundamentals

    Review findings with analyst:

    • Discuss the importance of the EA fundamentals – vision, mission, goals, measures, and principles.
    • Understand how to align the EA vision, mission, goals, and measures to your organization’s vision, mission, goals, measures, and principles.

    Then complete these activities…

    • Develop the EA vision statements.
    • Craft the EA mission statements.
    • Define EA goals and measures.
    • Adopt EA principles.

    With these tools & templates:

    • EA Vision and Mission Template
    • EA Principles Template
    • EA Goals and Measures Template

    Step 2.2: Review the EA fundamentals

    Review findings with analyst:

    • Review the EA fundamentals in conjunction with the results of the EA governance assessment tool and gather feedback.

    Then complete these activities…

    • Refine the EA vision, mission, goals, measures, and principles.
    • Review the list of tasks and plan your next steps.

    With these tools & templates:

    • EA Vision and Mission Template
    • EA Principles Template
    • EA Goals and Measures Template

    Fundamentals of an EA organization

    Vision, mission, goals and measures, and principles form the foundation of the EA function.

    Factors to consider when developing the vision and mission statements

    The vision and mission statements provide strategic direction to the EA team. These statements should be created based on the business and technology drivers in the organization.

    Business Drivers

    • Business drivers are factors that determine, or cause, an increase in value or major improvement of a business.
    • Examples of business drivers include:
      • Increased revenue
      • Customer retention
      • Salesforce effectiveness
      • Innovation

    Technology Drivers

    • Technology drivers are factors that are vital for the continued success and growth of a business using effective technologies.
    • Examples of technology drivers include:
      • Enterprise integration
      • Information security
      • Portability
      • Interoperability

    "The very essence of leadership is [that] you have a vision. It's got to be a vision you articulate clearly and forcefully on every occasion. You can't blow an uncertain trumpet." – Theodore Hesburgh

    Develop vision, mission, goals, measures, and principles to define the EA capability direction and purpose

    EA capability vision statement

    Articulates the desired future state of EA capability expressed in the present tense.

    • What will be the role of EA capability?
    • How will EA capability be perceived?

    Example: To be recognized by both the business and IT as a trusted partner that drives [Company Name]’s effectiveness, efficiency, and agility.

    EA capability mission statement

    Articulates the fundamental purpose of the EA capability.

    • Why does EA capability exist?
    • What does EA capability do to realize its vision?
    • Who are the key customers of the EA capability?

    Example: Define target enterprise architecture for [Company Name], identify solution opportunities, inform IT investment management, and direct solution development, acquisition, and operation compliance.

    EA capability goals and measures

    EA capability goals define specific desired outcomes of an EA management process execution. EA capability measures define how to validate the achievement of the EA capability goals.

    Example:

    Goal: Improve reuse of IT assets at [Company Name].

    Measures:

    • The number of building blocks available for reuse.
    • Percent of projects that utilized existing building blocks.
    • Estimated efficiency gain (= effort to create a building block * reuse count).

    EA principles

    EA principles are shared, long-lasting beliefs that guide the use of IT in constructing, transforming, and operating the enterprise by informing and restricting target-state enterprise architecture design, solution development, and procurement decisions.

    Example:

    • EA principle name: Reuse.
    • Statement: Maximize reuse of existing assets.
    • Rationale: Reuse prevents duplication of development and support efforts, increasing efficiency, and agility.
    • Implications: Define architecture and solution building blocks and ensure their consistent application.

    EA principles guide decision making

    Policies can be seen as “the letter of the law,” whereas EA principles summarize “the spirit of the law.”

    The image shows a graphic with EA Principles listed at the top, with an arrow pointing down to Decisions on the use of IT. At the bottom are domain-specific policies, with two arrows pointing upwards: the arrow on the left is labelled direct, and the arrow on the right is labelled control. The arrow points up to the label Decisions on the use of IT. On the left, there is an arrow pointing both up and down. At the top it is labelled The spirit of the law, and at the bottom, The letter of the law. On the right, there is another arrow pointing both up and down, labelled How should decisions be made at the top and labelled Who has the accountability and authority to make decisions? at the bottom.

    Define EA capability goals and related measures that resonate with EA capability stakeholders

    EA capability goals, i.e. specific desired outcomes of an EA management process execution. Use COBIT 5, APO03 process goals, and metrics as a starting point.

    The image shows a chart titled Manage Enterprise Architecture.

    Define relevant business value measures to collect indirect evidence of EA’s contribution to business benefits

    Define key operational measures for internal use by IT and EA practitioners. Also, define business value measures that communicate and demonstrate the value of EA as an enabler of business outcomes to senior executives.

    EA performance measures (lead, operational) EA value measures (lag)
    Application of EA management process EA’s contribution to IT performance EA’s contribution to business value

    Enterprise Architecture Management

    • Number of months since the last review of target state EA blueprints.

    IT Investment Portfolio Management

    • Percentage of projects that were identified and proposed by EA.

    Solution Development

    • Number of projects that passed EA reviews.
    • Number of building blocks reused.

    Operations Management

    • Reduction in the number of applications with overlapping functionality.

    Business Value

    • Lower non-discretionary IT spend.
    • Decreased time to production.
    • Higher satisfaction of IT-enabled services.

    Refine the organization’s EA fundamentals

    2.1 2 hrs

    Input

    • Group consensus on the current state of EA competencies.

    Output

    • A list of gaps that need to be addressed for EA governance competencies.

    Materials

    • Info-Tech’s EA assessment tool, a computer, and/or a whiteboard and marker.

    Participants

    • EA team, business line leads, IT department leads.

    The image shows the Table of Contents with four sections highlighted, beginning with EA Vision Statement and ending with EA Goals and Measures.

    Step 1 - Facilitate

    Download the three templates and hold a working session to facilitate a session on creating EA fundamentals.

    Download the EA Vision and Mission Template, the EA Principles Template, and the EA Goals and Measures Template

    Step 2 - Summarize

    Document the final vision, mission, principles, goals, and measures within the EA Governance Framework.

    Update the EA Governance Framework Template


    Ensure that the EA fundamentals are aligned to the organizational needs

    CASE STUDY

    Industry Insurance

    Source Info-Tech

    Situation

    The EA group at INSPRO01 was being pulled in multiple directions with requests ranging from architecture review to solution design to code reviews.

    Project level architecture was being practiced with no clarity on the end goal. This led to EA being viewed as just another IT function without any added benefits.

    Info-Tech recommended that the EA team ensure that the fundamentals (vision, mission, principles, goals, and measures) reflect what the team aspired to achieve before fixing any of the process concerns.

    Complication

    The EA team was mostly comprised of technical people and hence the best practices outlined were not driven by business value.

    The team had no documented vision and mission statements in place. In addition, the existing goals and measures were not tied to the business strategic objectives.

    The team had architectural principles documented, but there were too many and they were very technical in nature.

    Result

    With Info-Tech’s guidance, the team developed a vision and mission statement to succinctly communicate the purpose of the EA function.

    The team also reduced and simplified the EA principles to make sure they were value driven and communicated in business terms.

    Finally, the team proposed goals and measures to track the performance of the EA team.

    With the fundamentals in place, the team was able to show the value of EA and gain organization-wide acceptance.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Key Activities

    • Craft the EA vision and mission.
    • Develop the EA principles.
    • Identify the EA goals.

    Outcomes

    • Refined set of EA fundamentals to support the building of EA governance.

    Phase 3

    Engagement Model

    Create a Right-Sized Enterprise Architecture Governance Framework

    Engagement Model

    1. Current state of EA governance
    2. EA fundamentals
    3. Engagement model
    4. EA governing bodies
    5. EA policy
    6. Architectural standards
    7. Communication Plan

    This step will walk you through the following activities:

    • Build the case for EA engagement
    • Engagement touchpoints within the IT operating model

    This step involves the following participants:

    • CIO
    • IT Leaders
    • Business Leaders
    • Head of Enterprise Architecture
    • Enterprise Architects
    • Domain Architects
    • Solution Architects

    Outcomes of this step

    • Summary of the assessment of the current EA engagement model
    • Target EA engagement model

    Info-Tech Insight

    Perform due diligence prior to decision making. Use the EA Engagement Model to promote conversations between stage gate meetings as opposed to having the conversation during the stage gate meetings.

    Phase 3 guided implementation outline

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 3: EA engagement model

    Proposed Time to Completion: 2 weeks

    Step 3.1 Review the current IT operating model

    Start with an analyst kick-off call:

    • Review Info-Tech’s IT operating model.
    • Understand how to document your organization’s IT operating model.
    • Document EA’s current role and responsibility at each stage of the IT operating model.

    Then complete these activities…

    • Document your organization’s IT operating model.

    With these tools & templates:

    • EA Engagement Model Template

    Step 3.2: Determine the target engagement model

    Review findings with analyst:

    • Review your organization’s current state IT operating model.
    • Review your EA’s role and responsibility at each stage of the IT operating model.
    • Document the role and responsibility of EA in the future state.

    Then complete these activities…

    • Document EA’s future role within each stage of your organization’s IT operating model.

    With these tools & templates:

    • EA Engagement Model Template.

    The three pillars of EA Engagement

    Effective EA engagement revolves around three basic principles – generating business benefits, creating adaptable models, and being able to replicate the process across the organization.

    Business Value Driven

    Focus on generating business value from organizational investments.

    Repeatable

    Process should be standardized, transparent, and repeatable so that it can be consistently applied across the organization.

    Flexible

    Accommodate the varying needs of projects of different sizes.

    Where these pillars meet: Advocates long-term strategic vs. short-term tactical solutions.

    EA interaction points within the IT operating model

    EA’s engagement in each stage within the plan, build, and run phases should be clearly defined and communicated.

    Plan Strategy Development Business Planning Conceptualization Portfolio Management
    Build Requirements Solution Design Application Development/ Procurement Quality Assurance
    Run Deploy Operate

    Document the organization’s current IT operating model

    3.1 2-3 hr

    Input

    • IT project lifecycle

    Output

    • Organization’s current IT operating model.

    Materials

    • A computer, and/or a whiteboard and marker.

    Participants

    • EA team, IT department leads, business leaders.

    Instructions:

    Hold a working session with the participants to document the current IT operating model. Facilitate the activity using the following steps:

    1. Map out the IT operating model.

    1. Find a project that was just deployed within the organization and backtrack every step of the way to the strategy development that resulted in the conception of the project.
    2. Interview the personnel involved with each step of the process to get a sense of whether or not projects usually move to deployment going through these steps.
    3. Review Info-Tech’s best-practice IT operating model presented in the EA Engagement Model Template, and add or remove any steps to the existing organization’s IT operating model as necessary. Document the finalized steps of the IT operating model.

    2. Determine EA’s current role in the operating model.

    1. Interview EA personnel through each step of the process and ask them their role. This is to get a sense of the type of input that EA is having into each step of the process.
    2. Using the EA Engagement Model Template, document the current role of EA in each step of the organization’s IT operation as you complete the interviews.

    Download the EA Engagement Model Template to document the organization’s current IT operating model.

    Define RACI in every stage of the IT operating model (e.g. EA role in strategy development phase of the IT operating model is presented below)

    Strategy Development

    Also known as strategic planning, strategy development is fundamental to creating and running a business. It involves the creation of a longer-term game plan or vision that sets specific goals and objectives for a business.

    R Those in charge of performing the task. These are the people actively involved in the completion of the required work. Business VPs, EA, IT directors R
    A The one ultimately answerable for the correct and thorough completion of the deliverable or task, and the one who delegates the work to those responsible. CEO A
    C Those whose opinions are sought before a decision is made, and with whom there is two-way communication. PMO, Line managers, etc. C
    I Those who are kept up to date on progress, and with whom there is one-way communication. Development managers, etc. I

    Next Step: Similarly define the RACI for each stage of the IT operating model; refer to the activity slide for prompts.

    Best practices on the role of EA within the IT operating model

    Plan

    Strategy Development

    C

    Business Planning

    C

    Conceptualization

    A

    Portfolio Management

    C

    Build

    Requirements

    C

    Solution Design

    R

    Application Development/ Procurement

    R

    Quality Assurance

    I

    Run

    Deploy

    I

    Operate

    I

    Next Step: Define the role of EA in each stage of the IT operating model; refer to the activity slide for prompts.

    Define EA’s target role in each step of the IT operating model

    3.2 2 hrs

    Input

    • Organization’s IT operating model.

    Output

    • Organization’s EA engagement model.

    Materials

    • A computer, and/or a whiteboard and marker.

    Participants

    • EA team, CIO, business leaders, IT department leaders.

    The image shows the Table of Contents for the EA Engagement Model Template with the EA Engagement Summary section highlighted.

    Step 1 - Facilitate

    Download the EA Engagement Model Template and hold a working session to define EA’s target role in each step of the IT operating model.

    Download the EA Engagement Model Template

    Step 2 - Summarize

    Document the target state role of EA within the EA Governance Framework document.

    Update the EA Governance Framework Template


    Design an EA engagement model to formalize EA’s role within the IT operating model

    CASE STUDY

    Industry Insurance

    Source Info-Tech

    Situation

    INSPRO01 had a high IT cost structure with looming technology debt due to a preference for short-term tactical gains over long-term solutions.

    The business satisfaction with IT was at an all-time low due to expensive solutions that did not meet business needs.

    INSPRO01’s technology landscape was in disarray with many overlapping systems and interoperability issues.

    Complication

    No single team within the organization had an end-to-end perspective all the way from strategy to project execution. A lot of information was being lost in handoffs between different teams.

    This led to inconsistent design/solution patterns being applied. Investment decisions had not been grounded in reality and this often led to cost overruns.

    Result

    Info-Tech helped INSPRO01 identify opportunities for EA team engagement at different stages of the IT operating model. EA’s role within each stage was clearly defined and documented.

    With Info-Tech’s help, the EA team successfully made the case for engagement upfront during strategy development rather than during project execution.

    The increased transparency enabled the EA team to ensure that investments were aligned to organizational strategic goals and objectives.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Key Activities

    • Build the case for EA engagement.
    • Identify engagement touchpoints within the IT operating model.

    Outcomes

    • Summary of the assessment of the current EA engagement model
    • Target EA engagement model

    Phase 4

    EA Governing Bodies

    Create a Right-Sized Enterprise Architecture Governance Framework

    EA Governing Bodies

    1. Current state of EA governance
    2. EA fundamentals
    3. Engagement model
    4. EA governing bodies
    5. EA policy
    6. Architectural standards
    7. Communication Plan

    This phase will walk you through the following activities:

    • Identify the number of governing bodies
    • Define the game plan to initialize the governing bodies
    • Define the architecture review process

    This step involves the following participants:

    • CIO
    • IT Leaders
    • Business Leaders
    • Head of Enterprise Architecture
    • Enterprise Architects
    • Domain Architects
    • Solution Architects

    Outcomes of this step

    • Charter definition for each EA governance board

    Info-Tech Insight

    Use architecture governance like a scalpel rather than a hatchet. Implement governing bodies to provide guidance rather than act as a police force.

    Phase 4 guided implementation

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 4: Create or identify EA governing bodies

    Proposed Time to Completion: 2 weeks

    Step 4.1: Identify architecture boards and develop charters

    Start with an analyst kick-off call:

    • Understand the factors influencing the number of governing bodies required for an organization.
    • Understand the components of a governing body charter.

    Then complete these activities…

    • Identify how many governing bodies are needed.
    • Define EA governing body composition, meeting frequency, and domain of coverage.
    • Define the inputs and outputs of each EA governing body.
    • Identify mandatory inclusion criteria.

    With these tools & templates:

    • Architecture Board Charter Template

    Step 4.2: Develop an architecture review process

    Follow-up with an analyst call:

    • Review the number of boards identified for your organization and gather feedback.
    • Review the charters developed for each governing body and gather feedback.
    • Understand the various factors that impact the architecture review process.
    • Review Info-Tech’s best-practice architecture review process.

    Then complete these activities…

    • Refine the charters for governing bodies.
    • Develop the architecture review process for your organization.

    With these tools & templates:

    • Architecture Review Process Template

    Factors that determine the number of architectural boards required

    The primary purpose of architecture boards is to ensure that business benefits are maximized and solution design is within the options set forth by the architectural reference models without introducing additional layers of bureaucracy.

    The optimal number of architecture boards required in an organization is a function of the following factors:

    • EA organization model
      • Distributed
      • Federated
      • Centralized
    • Architecture domains Maturity of architecture domains
    • Project throughput

    Commonly observed architecture boards:

    • Architecture Review Board
    • Technical Architecture Committee
    • Data Architecture Review Board
    • Infrastructure Architecture Review Board
    • Security Architecture Review Board

    Info-Tech Insight

    Before building out a new governance board, start small by repurposing existing forums by adding architecture as an agenda item. As the items for review increase consider introducing dedicated governing bodies.

    EA organization model drives the architecture governance structure

    EA teams can be organized in three ways – distributed, federated, and centralized. Each model has its own strengths and weaknesses. EA governance must be structured in a way such that the strengths are harvested and the weaknesses are mitigated.

    Distributed Federated Centralized
    EA org. structure
    • No overarching EA team exists and segment architects report to line of business (LOB) executives.
    • A centralized EA team exists with segment architects reporting to LOB executives and dotted-line to head of (centralized) EA.
    • A centralized EA capability exists with enterprise architects reporting to the head of EA.
    Implications
    • Produces a fragmented and disjointed collection of architectures.
    • Economies of scale are not realized.
    • High cross-silo integration effort.
    • LOB-specific approach to EA.
    • Requires dual reporting relationships.
    • Additional effort is required to coordinate centralized EA policies and blueprints with segment EA policies and blueprints.
    • Accountabilities may be unclear.
    • Can be less responsive to individual LOB needs, because the centralized EA capability must analyze needs of multiple LOBs and various trade-off options to avoid specialized, one-off solutions.
    • May impede innovation.
    Architectural boards
    • Cross LOB working groups to create architecture standards, patterns, and common services.
    • Local boards to support responsiveness to LOB-specific needs.
    • Cross LOB working groups to create architecture standards, patterns and common services.
    • Cross-enterprise boards to ensure adherence to enterprise standards and reduce integration costs.
    • Local boards to support responsiveness to LOB specific needs.
    • Enterprise working groups to create architecture standards, patterns, and all services.
    • Central board to ensure adherence to enterprise standards.

    Architecture domains influences the number of architecture boards required

    • An architecture review board (ARB) provides direction for domain-specific boards and acts as an escalation point. The ARB must have the right mix of both business and technology stakeholders.
    • Domain-specific boards provide a platform to have focused discussions on items specific to that domain.
    • Based on project throughput and the maturity of each domain, organizations would have to pick the optimal number of boards.
    • Architecture working groups provide a platform for cross-domain conversations to establish organization wide standards.
    Level 1 Architecture Review Board IT and Business Leaders
    Level 2 Business Architecture Board Data Architecture Board Application Architecture Board Infrastructure Architecture Board Security Architecture Board IT and Business Managers
    Level 3 Architecture Working Groups Architects

    Create a game plan for the architecture boards

    • Start with a single board for each level – an architecture review board (ARB), a technical architecture committee (TAC), and architecture working groups.
    • As the organization matures and the number of requests to the TAC increase, consider creating domain-specific boards – such as business architecture, data architecture, application architecture, etc. – to handle architecture decisions pertaining to that domain.

    Start with this:

    Level 1 Architecture Review Board
    Level 2 Technical Architecture Committee
    Level 3 Architecture Working Groups

    Change to this:

    Architecture Review Board IT and Business Leaders
    Business Architecture Board Data Architecture Board Application Architecture Board Infrastructure Architecture Board Security Architecture Board IT and Business Managers
    Architecture Working Groups Architects

    Architecture boards have different objectives and activities

    The boards at each level should be set up with the correct agenda – ensure that the boards’ composition and activities reflect their objective. Use the entry criteria to communicate the agenda for their meetings.

    Architecture Review Board Technical Architecture Committee
    Objective
    • Evaluates business strategy, needs, and priorities, sets direction and acts as a decision making authority of the EA capability.
    • Directs the development of target state architecture.
    • Monitors performance and compliance of the architectural standards.
    • Monitor project solution architecture compliance to standards, regulations, EA principles, and target state EA blueprints.
    • Review EA compliance waiver requests, make recommendations, and escalate to the architecture review board (ARB).
    Composition
    • Business Leadership
    • IT Leadership
    • Head of Enterprise Architecture
    • Business Managers
    • IT Managers
    • Architects
    Activities
    • Review compliance of conceptual solution to standards.
    • Discuss the enterprise implications of the proposed solution.
    • Select and approve vendors.
    • Review detailed solution design.
    • Discuss the risks of the proposed solution.
    • Discuss the cost of the proposed solution.
    • Review and recommend vendors.
    Entry Criteria
    • Changes to IT Enterprise Technology Policy.
    • Changes to the technology management plan.
    • Approve changes to enterprise technology inventory/portfolio.
    • Ongoing operational cost impacts.
    • Detailed estimates for the solution are ready for review.
    • There are significant changes to protocols or technologies responsible for solution.
    • When the project is deviating from baselined architectures.

    Identify the number of governing bodies

    4.1 2 hrs

    Input

    • EA Vision and Mission
    • EA Engagement Model

    Output

    • A list of EA governing bodies.

    Materials

    • A computer, and/or a whiteboard and marker.

    Participants

    • EA team, CIO, business line leads, IT department leads.

    Instructions:

    Hold a working session with the participants to identify the number of governing bodies. Facilitate the activity using the following steps:

    1. Examine the EA organization models mentioned previously. Assess how your organization is structured, and identify whether your organization has a federated, distributed or centralized EA organization model.
    2. Reference the “Game plan for the architecture boards” slide. Assess the architecture domains, and define how many there are in the organization.
    3. Architecture domains:
      1. If no defined architecture domains exist, model the number of governing bodies in the organization based on the “Start with this” scenario in the “Game plan for the architecture boards” slide.
      2. If defined architecture domains do exist, model the number of governing bodies based on the “Change to this” scenario in the “Game plan for the architecture boards” slide.
    4. Name each governing body you have defined in the previous step. Download Info-Tech’s Architecture Board Charter Template for each domain you have named. Input the names into the title of each downloaded template.

    Download the Architecture Board Charter Template to document this activity.

    Defining the governing body charter

    The charter represents the agreement between the governing body and its stakeholders about the value proposition and obligations to the organization.

    1. Purpose: The reason for the existence of the governing body and its goals and objectives.
    2. Composition: The members who make up the committee and their roles and responsibilities in it.
    3. Frequency of meetings: The frequency at which the committee gathers to discuss items and make decisions.
    4. Entry/Exit Criteria: The criteria by which the committee selects items for review and items for which decisions can be taken.
    5. Inputs: Materials that are provided as inputs for review and decision making by the committee.
    6. Outputs: Materials that are provided by the committee after an item has been reviewed and the decision made.
    7. Activities: Actions undertaken by the committee to arrive at its decision.

    Define EA’s target role in each step of the IT operating model

    4.2 3 hrs

    Input

    • A list of all identified EA governing bodies.

    Output

    • Charters for each EA governing bodies.

    Materials

    • A computer, and/or a whiteboard and marker.

    Participants

    • EA team, business line leads, IT department leads.

    The image shows the Table of Contents for the EA Governance Framework document, with the Architecture Board Charters highlighted.

    Step 1 Facilitate

    Hold a working session with the stakeholders to define the charter for each of the identified architecture boards.

    Download Architecture Board Charter Template

    Step 2 Summarize

    • Summarize the objectives of each board and reference the charter document within the EA Governance Framework.
    • Upload the final charter document to the team’s common repository.

    Update the EA Governance Framework document


    Considerations when creating an architecture review process

    • Ensure that architecture review happens at major milestones within the organization’s IT Operating Model such as the plan, build, and run phases.
    • In order to provide continuous engagement, make the EA group accountable for solution architecture in the plan phase. In the build phase, the EA group will be consulted while the solution architect will be responsible for the project solution architecture.

    Plan

    • Strategy Development
    • Business Planning
    • A - Conceptualization
    • Portfolio Management

    Build

    • Requirements
    • R - Solution Design
    • Application Development/ Procurement
    • Quality Assurance

    Run

    • Deploy
    • Operate

    Best-practice project architecture review process

    The best-practice model presented facilitates the creation of sound solution architecture through continuous engagement with the EA team and well-defined governance checkpoints.

    The image shows a graphic of the best-practice model. At the left, four categories are listed: Committees; EA; Project Team; LOB. At the top, three categories are listed: Plan; Build; Run. Within the area between these categories is a flow chart demonstrating the best-practice model and specific checkpoints throughout.

    Develop the architecture review process

    4.3 2 hours

    Input

    • A list of all EA governing bodies.
    • Info-Tech’s best practice architecture review process.

    Output

    • The new architecture review process.

    Materials

    • A computer, and/or a whiteboard and marker.

    Participants

    • EA team, business line leads, IT department leads.

    Hold a working session with the participants to develop the architecture review process. Facilitate the activity using the following steps:

    1. Reference Info-Tech’s best-practice architecture review process embedded within the “Architecture Review Process Template” to gain an understanding of an ideal architecture review process.
    2. Identify the stages within the plan, build, and run phases where solution architecture reviews should occur, and identify the governing bodies involved in these reviews.
    3. As you go through these stages, record your findings in the Architecture Review Process Template.
    4. Connect the various activities leading to and from the architecture creation points to outline the review process.

    Download the Architecture Review Process Template for additional guidance regarding developing an architecture review process.

    Develop the architecture review process

    4.3 2 hrs

    Input

    • A list of all identified EA governing bodies.

    Output

    • Charters for each EA governing bodies.

    Materials

    • A computer, and/or a whiteboard and marker.

    Participants

    • EA team, business line leads, IT department leads.

    The image shows a screenshot of the Table of Contents, with the Architecture Review Process highlighted.

    Step 1 - Facilitate

    Download Architecture Review Process Template and facilitate a session to customize the best-practice model presented in the template.

    Download the Architecture Review Process Template

    Step 2 - Summarize

    Summarize the process changes and document the process flow in the EA Governance Framework document.

    Update the EA Governance Framework Template

    Right-size EA governing bodies to reduce the perception of red tape

    Case Study

    Industry Insurance

    Source Info-Tech

    Situation

    At INSPRO01, architecture governance boards were a bottleneck. The boards fielded all project requests, ranging from simple screen label changes to complex initiatives spanning multiple applications.

    These boards were designed as forums for technology discussions without any business stakeholder involvement.

    Complication

    INSPRO01’s management never gave buy-in to the architecture governance boards since their value was uncertain.

    Additionally, architectural reviews were perceived as an item to be checked off rather than a forum for getting feedback.

    Architectural exceptions were not being followed through due to the lack of a dispensation process.

    Result

    Info-Tech has helped the team define adaptable inclusion/exclusion criteria (based on project complexity) for each of the architectural governing boards.

    The EA team was able to make the case for business participation in the architecture forums to better align business and technology investment.

    An architecture dispensation process was created and operationalized. As a result architecture reviews became more transparent with well-defined next steps.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Key Activities

    • Identify the number of governing bodies.
    • Define the game plan to initialize the governing bodies.
    • Define the architecture review process.

    Outcomes

    • Charter definition for each EA governance board

    Phase 5

    EA Policy

    Create a Right-Sized Enterprise Architecture Governance Framework

    EA Policy

    1. Current state of EA governance
    2. EA fundamentals
    3. Engagement model
    4. EA governing bodies
    5. EA policy
    6. Architectural standards
    7. Communication Plan

    This phase will walk you through the following activities:

    • Define the EA policy scope
    • Identify the target audience
    • Determine the inclusion and exclusion criteria
    • Create an assessment checklist

    This step involves the following participants:

    • CIO
    • IT Leaders
    • Business Leaders
    • Head of Enterprise Architecture
    • Enterprise Architects
    • Domain Architects
    • Solution Architects

    Outcomes of this step

    • The completed EA policy
    • Project assessment checklist
    • Defined assessment outcomes
    • Completed compliance waiver process

    Info-Tech Insight

    Use the EA policy to promote EA’s commitment to deliver value to business stakeholders through process transparency, stakeholder engagement, and compliance.

    Phase 5 guided implementation

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 5: EA Policy

    Proposed Time to Completion: 3 weeks

    Step 5.1–5.3: EA Policy, Assessment Checklists, and Decision Types

    Start with an analyst kick-off call:

    • Discuss the three pillars of EA policy and its purpose.
    • Review the components of an effective EA policy.
    • Understand how to develop architecture assessment checklists.
    • Understand the assessment decision types.

    Then complete these activities…

    • Define purpose, scope, and audience of the EA policy.
    • Create a project assessment checklist.
    • Define the organization’s assessment decision type.

    With these tools & templates:

    • EA Policy Template
    • EA Assessment Checklist Template

    Step 5.4: Compliance Waivers

    Review findings with analyst:

    • Review your draft EA policy and gather feedback.
    • Review your project assessment checklists and the assessment decision types.
    • Discuss the best-practice architecture compliance waiver process and how to tailor it to your organizational needs.

    Then complete these activities…

    • Refine the EA policy based on feedback gathered.
    • Create the compliance waiver process.

    With these tools & templates:

    • EA Compliance Waiver Process Template
    • EA Compliance Waiver Form Template

    Three pillars of architecture policy

    Architecture policy is a set of guidelines, formulated and enforced by the governing bodies of an organization, to guide and constrain architectural choices in pursuit of strategic goals.

    Architecture compliance – promotes compliance to organizational standards through well-defined assessment checklists across architectural domains.

    Business value – ensures that investments are tied to business value by enforcing traceability to business capabilities.

    Architectural guidance – provides guidance to architecture practitioners on the application of the business and technology standards.

    Components of EA policy

    An enterprise architecture policy is an actionable document that can be applied to projects of varying complexity across the organization.

    1. Purpose and Scope: This EA policy document clearly defines the scope and the objectives of architecture reviews within an organization.
    2. Target Audience: The intended audience of the policy such as employees and partners.
    3. Architecture Assessment Checklist: A wide range of typical questions that may be used in conducting Architecture Compliance reviews, relating to various aspects of the architecture.
    4. Assessment Outcomes: The outcome of the architecture review process that determines the conformance of a project solution to the enterprise architecture standards.
    5. Compliance Waiver: Used when a solution or segment architecture is perceived to be non-compliant with the enterprise architecture.

    Draft the purpose and scope of the EA policy

    5.1 2.5 hrs

    Input

    • A consensus on the purpose, scope, and audience for the EA policy.

    Output

    • Documented version of the purpose, scope, and audience for the EA policy.

    Materials

    • A computer, and/or a whiteboard and marker.

    Participants

    • EA team, CIO, business line leads, IT department leads.

    The image shows a screenshot of the Table of Contents with the EA Policy section highlighted.

    Step 1 - Facilitate

    Download the EA Policy Template and hold a working session to draft the EA policy.

    Download the EA Policy Template

    Step 2 - Summarize

    • Summarize purpose, scope, and intended audience of the policy in the EA Governance Framework document.
    • Update the EA policy document with the purpose, scope and intended audience.

    Update the EA Governance Framework Template

    Architecture assessment checklist

    Architecture assessment checklist is a list of future-looking criteria that a project will be assessed against. It provides a set of standards against which projects can be assessed in order to render a decision on whether or not the project can be greenlighted.

    Architecture checklists should be created for each EA domain since each domain provides guidance on specific aspects of the project.

    Sample Checklist Questions

    Business Architecture:

    • Is the project aligned to organizational strategic goals and objectives?
    • What are the business capabilities that the project supports? Is it creating new capabilities or supporting an existing one?

    Data Architecture:

    • What processes are in place to support data referential integrity and/or normalization?
    • What is the physical data model definition (derived from logical data models) used to design the database?

    Application Architecture:

    • Can this application be placed on an application server independent of all other applications? If not, explain the dependencies.
    • Can additional parallel application servers be easily added? If so, what is the load balancing mechanism?

    Infrastructure Architecture:

    • Does the solution provide high-availability and fault-tolerance that can recover from events within a datacenter?

    Security Architecture:

    • Have you ensured that the corporate security policies and guidelines to which you are designing are the latest versions?

    Create architectural assessment checklists

    5.2 2 hrs

    Input

    • Reference architecture models.

    Output

    • Architecture assessment checklist.

    Materials

    • A computer, and/or a whiteboard and marker.

    Participants

    • EA team, business line leads, IT department leads.

    The image shows a screenshot of the Table of Contents with the EA Assessment Checklist section highlighted.

    Step 1 - Facilitate

    Download the EA Assessment Checklist Template and hold a working session to create the architectural assessment checklists.

    Download the EA Assessment Checklist Template

    Step 2 - Summarize

    • Summarize the major points of the checklists in the EA Governance Framework document.
    • Update the EA policy document with the detailed architecture assessment checklists.

    Update the EA Governance Framework Template

    Architecture assessment decision types

    • As a part of the proposed solution review, the governing bodies produce a decision indicating the compliance of the solution architecture with the enterprise standards.
    • Go, No Go, or Conditional are a sample set of decision outcomes available to the governing bodies.
    • On a conditional approval, the project team must file for a compliance waiver.

    Approved

    • The solution demonstrates substantial compliance with standards.
    • Negligible risk to the organization or minimal risks with sound plans of how to mitigate them.
    • Architectural approval to proceed with delivery type of work.

    Conditional Approval

    • The significant aspects of the solution have been addressed in a satisfactory manner.
    • Yet, there are some aspects of the solution that are not compliant with standards.
    • The architectural approval is conditional upon presenting the missing evidence within a minimal period of time determined.
    • The risk level may be acceptable to the organization from an overall IT governance perspective.

    Not Approved

    • The solution is not compliant with the standards.
    • Scheduled for a follow-up review.
    • Not recommended to proceed until the solution is more compliant with the standards.

    Best-practice architecture compliance waiver process

    Waivers are not permanent. Waiver terms must be documented for each waiver specifying:

    • Time period after which the architecture in question will be compliant with the enterprise architecture.
    • The modifications necessary to the enterprise architecture to accommodate the solution.

    The image shows a flow chart, split into 4 sections: Enterprise Architect; Solution Architect; TAC; ARB. To the right of these section labels, there is a flow chart that documents the waiver process.

    Create compliance waiver process

    5.4 3-4 hrs

    Input

    • A consensus on the compliance waiver process.

    Output

    • Documented compliance waiver process and form.

    Materials

    • A computer, and/or a whiteboard and marker.

    Participants

    • EA team, business line leads, IT department leads.

    The image shows the Table of Contents with the Compliance Waiver Form section highlighted.

    Step 1 - Facilitate

    Download the EA compliance waiver template and hold a working session to customize the best-practice process to your organization’s needs.

    Download the EA Compliance Waiver Process Template

    Step 2 - Summarize

    • Summarize the objectives and high-level process in the EA Governance Framework document.
    • Update the EA policy document with the compliance waiver process.
    • Upload the final policy document to the team’s common repository.

    Update the EA Governance Framework Template

    Creates an enterprise architecture policy to drive adoption

    Case Study

    Industry Insurance

    Source Info-Tech

    Situation

    EA program adoption across INSPRO01 was at its lowest point due to a lack of transparency into the activities performed by the EA group.

    Often, projects ignored EA entirely as it was viewed as a nebulous and non-value-added activity that produced no measurable results.

    Complication

    There was very little documented information about the architecture assessment process and the standards against which project solution architectures were evaluated.

    Additionally, there were no well-defined outcomes for the assessment.

    Project groups were left speculating about the next steps and with little guidance on what to do after completing an assessment.

    Result

    Info-Tech helped the EA team create an EA policy containing architecture significance criteria, assessment checklists, and reference to the architecture review process.

    Additionally, the team also identified guidelines and detailed next steps for projects based on the outcome of the architecture assessment.

    These actions brought clarity to EA processes and fostered better engagement with the EA group.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Key Activities

    • Define the scope.
    • Identify the target audience.
    • Determine the inclusion and exclusion criteria.
    • Create an assessment checklist.

    Outcomes

    • The completed EA policy
    • Project assessment checklist
    • Defined assessment outcomes
    • Completed compliance waiver process

    Phase 6

    Architectural Standards

    Create a Right-Sized Enterprise Architecture Governance Framework

    Architectural Standards

    1. Current state of EA governance
    2. EA fundamentals
    3. Engagement model
    4. EA governing bodies
    5. EA policy
    6. Architectural standards
    7. Communication Plan

    This phase will walk you through the following activities:

    • Identify and standardize EA work products
    • Classify the architectural standards
    • Identify the custodian of standards
    • Update the standards

    This step involves the following participants:

    • Head of Enterprise Architecture
    • Enterprise Architects
    • Domain Architects
    • Solution Architects

    Outcomes of this step

    • A standardized set of EA work products
    • A way to categorize and store EA work products
    • A defined method of updating standards

    Info-Tech Insight

    The architecture standard is the currency that facilitates information exchange between stakeholders. The primary purpose is to minimize transaction costs by providing a balance between stability and relevancy.

    Phase 6 guided implementation

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 6: Architectural standards

    Proposed Time to Completion: 4 weeks

    Step 6.1: Understand Architectural Standards

    Start with an analyst kick-off call:

    • Discuss architectural standards.
    • Know how to identify and define EA work products.
    • Understand the standard content of work products.

    Then complete these activities…

    • Identify and standardize EA work products.

    Step 6.2–6.3: EA Repository and Updating the Standards

    Review with analyst:

    • Review the standardized EA work products.
    • Discuss the principles of EA repository.
    • Discuss the Info-Tech best-practice model for updating architecture standards and how to tailor them to your organizational context.

    Then complete these activities…

    • Build a folder structure for storing EA work products.
    • Use the Info-Tech best-practice architecture standards update process to develop your organization’s process for updating architecture standards.

    With these tools & templates:

    • Architecture Standards Update Process Template

    Recommended list of EA work products to standardize

    • EA work products listed below are typically produced as a part of the architecture lifecycle.
    • To ensure consistent development of architecture, the work products need to be standardized.
    • Consider standardizing both the naming conventions and the content of the work products.
    1. EA vision: A document containing the vision that provides the high-level aspiration of the capabilities and business value that EA will deliver.
    2. Statement of EA Work: The Statement of Architecture Work defines the scope and approach that will be used to complete an architecture project.
    3. Reference architectures: A reference architecture is a set of best-practice taxonomy that describes components and the conceptual structure of the model, as well as graphics, which provide a visual representation of the taxonomy to aid understanding. Reference architectures are created for each of the architecture domains.
    4. Solution proposal: The proposed project solution based on the EA guidelines and standards.
    5. Compliance assessment request: The document that contains the project solution architecture assessment details.
    6. Architecture change request: The request that initiates a change to architecture standards when existing standards can no longer meet the needs of the enterprise.
    7. Transition architecture: A transition architecture shows the enterprise at incremental states that reflect periods of transition that sit between the baseline and target architectures.
    8. Architectural roadmap: A roadmap that lists individual increments of change and lays them out on a timeline to show progression from the baseline architecture to the target architecture.
    9. EA compliance waiver request: A compliance waiver request that must be made when a solution or segment architecture is perceived to be non-compliant with the enterprise architecture.

    Standardize the content of each work product

    1. Purpose - The reason for the existence of the work product.
    2. Owner - The owner of this EA work product.
    3. Target Audience - The intended audience of the work product such as employees and partners.
    4. Naming Pattern - The pattern for the name of the work product as well as its file name.
    5. Table of Contents - The various sections of the work product.
    6. Review & Sign-Off Authority - The stakeholders who will review the work product and approve it.
    7. Repository Folder Location - The location where the work product will be stored.

    Identify and standardize work products

    6.1 3 hrs

    Input

    • List of various documents being produced by projects currently.

    Output

    • Standardized list of work products.

    Materials

    • A computer, and/or a whiteboard and marker.

    Participants

    • A computer, and/or a whiteboard and marker.

    Instructions:

    Hold a working session with the participants to identify and standardize work products. Facilitate the activity using the steps below.

    1. Identifying EA work products:
      1. Start by reviewing the list of all architecture-related documents presently produced in the organization. Any such deliverable with the following characteristics can be standardized:
        1. If it can be broken out and made into a standalone document.
        2. If it can be made into a fill-in form completed by others.
        3. If it is repetitive and requires iterative changes.
      2. Create a list of work products that your organization would like to standardize based on the characteristics above.
    2. The content and format of standardized EA work products:
      1. For each work product your organization wishes to standardize, look at its purpose and brainstorm the content needed to fulfill that purpose.
      2. After identifying the elements that need to be included in the work product to fulfill its purpose, order them logically for presentation purposes.
      3. In each section of the work product that need to be completed, include instructions on how to complete the section.
      4. Review the seven elements presented in the previous slide and include them in the work products.

    EA repository - information taxonomy

    As the EA function begins to grow and accumulates EA work products, having a well-designed folder structure helps you find the necessary information efficiently.

    Architecture meta-model

    Describes the organizationally tailored architecture framework.

    Architecture capability

    Defines the parameters, structures, and processes that support the enterprise architecture group.

    Architecture landscape

    An architectural presentation of assets in use by the enterprise at particular points in time.

    Standards information base

    Captures the standards with which new architectures and deployed services must comply.

    Reference library

    Provides guidelines, templates, patterns, and other forms of reference material to accelerate the creation of new architectures for the enterprise.

    Governance log

    Provides a record of governance activity across the enterprise.

    Create repository folder structure

    6.2 5-6 hrs

    Input

    • List of standardized work products.

    Output

    • EA work products mapped to a repository folder.

    Materials

    • A computer, and/or a whiteboard and marker.

    Participants

    • EA team, IT department leads.

    Instructions:

    Hold a working session with the participants to create a repository structure. Facilitate the activity using the steps below:

    1. Start with the taxonomy on the previous slide, and sort the existing work products into these six categories.
    2. Assess that the work products are sorted in a mutually exclusive and collectively exhaustive fashion. This means that a certain work product that appears in one category should not appear in another category. As well, make sure these six categories capture all the existing work products.
    3. Based on the categorization of the work products, build a folder structure that follows these categories, which will allow for the work products to be accessed quickly and easily.

    Create a process to update EA work products

    • Architectural standards are not set in stone and should be reviewed and updated periodically.
    • The Architecture Review Board is the custodian for standards.
    • Any change to the standards need to be assessed thoroughly and must be communicated to all the impacted stakeholders.

    Architectural standards update process

    Identify

    • Identify changes to the standards

    Assess

    • Review and assess the impacts of the change

    Document

    • Document the change and update the standard

    Approve

    • Distribute the updated standards to key stakeholders for approval

    Communicate

    • Communicate the approved changes to impacted stakeholders

    Create a process to continually update standards

    6.3 1.5 hrs

    Input

    • The list of work products and its owners.

    Output

    • A documented work product update process.

    Materials

    • A computer, and/or a whiteboard and marker.

    Participants

    • EA team, business line leads, IT department leads.

    The image shows the screenshot of the Table of Contents with the Standards Update Process highlighted.

    Step 1 - Facilitate

    Download the standards update process template and hold a working session to customize the best practice process to your organization’s needs.

    Download the Architecture Standards Update Process Template

    Step 2 - Summarize

    Summarize the objectives and the process flow in the EA governance framework document.

    Update the EA Governance Framework Template

    Create architectural standards to minimize transaction costs

    Case Study

    Industry Insurance

    Source Info-Tech

    Situation

    INSPRO01 didn’t maintain any centralized standards and each project had its own solution/design work products based on the preference of the architect on the project. This led to multiple standards across the organization.

    Lack of consistency in architectural deliverables made the information hand-offs expensive.

    Complication

    INSPRO01 didn’t maintain the architectural documents in a central repository and the information was scattered across multiple project folders.

    This caused key stakeholders to make decisions based on incomplete information and resulted in constant revisions as new information became available.

    Result

    Info-Tech recommended that the EA team identify and standardize the various EA work products so that information was collected in a consistent manner across the organization.

    The team also recommended an information taxonomy to store the architectural deliverables and other collateral.

    This resulted in increased consistency and standardization leading to efficiency gains.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Key Activities

    • Identify and standardize EA work products.
    • Classify the architectural standards.
    • Identify the custodian of standards.
    • Update the standards.

    Outcomes

    • A standardized set of EA work products
    • A way to categorize and store EA work products
    • A defined method of updating standards

    Phase 7

    Communication Plan

    Create a Right-Sized Enterprise Architecture Governance Framework

    Communication Plan

    1. Current state of EA governance
    2. EA fundamentals
    3. Engagement model
    4. EA governing bodies
    5. EA policy
    6. Architectural standards
    7. Communication Plan

    This phase will walk you through the following activities:

    • List the changes identified in the EA governance initiative
    • Identify stakeholders
    • Create a communication plan

    This step involves the following participants:

    • Head of Enterprise Architecture
    • Enterprise Architects
    • Domain Architects
    • Solution Architects

    Outcomes of this step

    • Communication Plan
    • EA Governance Framework

    Info-Tech Insight

    By failing to prepare, you are preparing to fail – maximize the likelihood of success for EA governance by engaging the relevant stakeholders and communicating the changes.

    Phase 7 guided implementation

    Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 6: Operationalize the EA governance framework

    Proposed Time to Completion: 1 week

    Step 7.1: Create a Communication Plan

    Start with an analyst kick-off call:

    • Discuss how to communicate changes to stakeholders.
    • Discuss the purposes and benefits of the EA governance framework.

    Then complete these activities…

    • Identify the stakeholders affected by the EA governance transformations.
    • List the benefits of the proposed EA governance initiative.
    • Create a plan to communicate the changes to impacted stakeholders.

    With these tools & templates:

    • EA Governance Communication Plan Template
    • EA Governance Framework Template

    Step 7.2: Review the Communication Plan

    Start with an analyst kick-off call:

    • Review the communication plan and gather feedback on the proposed stakeholders.
    • Confer about the various methods of communicating change in an organization.
    • Discuss the uses of the EA Governance Framework.

    Then complete these activities…

    • Refine your communication plan and use it to engage with stakeholders to better serve customers.
    • Create the EA Governance Framework to accompany the communication plan in engaging stakeholders to better understand the value of EA.

    With these tools & templates:

    • EA Governance Communication Plan Template
    • EA Governance Framework Template

    Communicate changes to stakeholders

    The changes made to the EA governance components need to be reviewed, approved, and communicated to all of the impacted stakeholders.

    Deliverables to be reviewed:

    • Fundamentals
      • Vision and Mission
      • Goals and Measures
      • Principles
    • Architecture review process
    • Assessment checklists
    • Policy Governing body charters
    • Architectural standards

    Deliverable Review Process:

    Step 1: Hold a meeting with stakeholders to review, refine, and agree on the changes.

    Step 2: Obtain an official approval from the stakeholders.

    Step 3: Communicate the changes to the impacted stakeholders.

    Communicate the changes by creating an EA governance framework and communication plan

    7.1 3 hrs

    Input

    • EA governance deliverables.

    Output

    • EA Governance Framework
    • Communication Plan.

    Materials

    • A computer, and/or a whiteboard and marker.

    Participants

    • EA team, CIO, business line leads, IT department leads.

    Instructions:

    Hold a working session with the participants to create the EA governance framework as well as the communication plan. Facilitate the activity using the steps below:

    1. EA Governance Framework:
      1. The EA Governance Framework is a document that will help reference and cite all the materials created from this blueprint. Follow the instructions on the framework to complete.
    2. Communication Plan:
      1. Identify the stakeholders based on the EA governance deliverables.
      2. For each stakeholder identified, complete the “Communication Matrix” section in the EA Governance Communication Plan Template. Fill out the section based on the instructions in the template.
      3. As the stakeholders are identified based on the “Communication Matrix,” use the EA Governance Framework document to communicate the changes.

    Download the EA Governance Communication Plan Template and EA Governance Framework Template for additional instructions and to document your activities in this phase.

    Maximize the likelihood of success by communicating changes

    Case Study

    Industry Insurance

    Source Info-Tech

    Situation

    The EA group followed Info-Tech’s methodology to assess the current state and has identified areas for improvement.

    Best practices were adopted to fill the gaps identified.

    The team planned to communicate the changes to the technology leadership team and get approvals.

    As the EA team tried to roll out changes, they encountered resistance from various IT teams.

    Complication

    The team was not sure of how to communicate the changes to the business stakeholders.

    Result

    Info-Tech has helped the team conduct a thorough stakeholder analysis to identify all the stakeholders who would be impacted by the changes to the architecture governance framework.

    A comprehensive communication plan was developed that leveraged traditional email blasts, town hall meetings, and non-traditional methods such as team blogs.

    The team executed the communication plan and was able to manage the change effectively.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech workshop

    Book a workshop with our Info-Tech analysts:

    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analysts will join you and your team onsite at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    Key Activities

    • List the changes identified in the EA governance initiative.
    • Identify stakeholders.
    • Create a communication plan.
    • Compile the materials created in the blueprint to better communicate the value of EA governance.

    Outcomes

    • Communication plan
    • EA governance framework

    Bibliography

    Government of British Columbia. “Architecture and Standards Review Board.” Government of British Columbia. 2015. Web. Jan 2016. < http://www.cio.gov.bc.ca/cio/standards/asrb.page >

    Hopkins, Brian. “The Essential EA Toolkit Part 3 – An Architecture Governance Process.” Cio.com. Oct 2010. Web. April 2016. < http://www.cio.com/article/2372450/enterprise-architecture/the-essential-ea-toolkit-part-3---an-architecture-governance-process.html >

    Kantor, Bill. “How to Design a Successful RACI Project Plan.” CIO.com. May 2012. Web. Jan 2016. < http://www.cio.com/article/2395825/project-management/how-to-design-a-successful-raci-project-plan.html >

    Sapient. “MIT Enterprise Architecture Guide.” Sapient. Sep 2004. Web. Jan 2016. < http://web.mit.edu/itag/eag/FullEnterpriseArchitectureGuide0.1.pdf >

    TOGAF. “Chapter 41: Architecture Repository.” The Open Group. 2011. Web. Jan 2016. < http://pubs.opengroup.org/architecture/togaf9-doc/arch/chap41.html >

    TOGAF. “Chapter 48: Architecture Compliance.” The Open Group. 2011. Web. Jan 2016. < http://pubs.opengroup.org/architecture/togaf9-doc/arch/chap48.html >

    TOGAF. “Version 9.1.” The Open Group. 2011. Web. Jan 2016. http://pubs.opengroup.org/architecture/togaf9-doc/arch/

    United States Secret Service. “Enterprise Architecture Review Board.” United States Secret Service. Web. Jan 2016. < http://www.archives.gov/records-mgmt/toolkit/pdf/ID191.pdf >

    Virginia Information Technologies Agency. “Enterprise Architecture Policy.” Commonwealth of Virginia. Jul 2006. Web. Jan 2016. < https://www.vita.virginia.gov/uploadedfiles/vita_main_public/library/eapolicy200-00.pdf >

    Research contributors and experts

    Alan Mitchell, Senior Manager, Global Cities Centre of Excellence, KPMG

    Alan Mitchell has held numerous consulting positions before his role in Global Cities Centre of Excellence for KPMG. As a Consultant, he has had over 10 years of experience working with enterprise architecture related engagements. Further, he worked extensively with the public sector and prides himself on his knowledge of governance and how governance can generate value for an organization.

    Ian Gilmour, Associate Partner, EA advisory services, KPMG

    Ian Gilmour is the global lead for KPMG’s enterprise architecture method and Chief Architect for the KPMG Enterprise Reference Architecture for Health and Human Services. He has over 20 years of business design experience using enterprise architecture techniques. The key service areas that Ian focuses on are business architecture, IT-enabled business transformation, application portfolio rationalization, and the development of an enterprise architecture capability within client organizations.

    Djamel Djemaoun Hamidson, Senior Enterprise Architect, CBC/Radio-Canada

    Djamel Djemaoun is the Senior Enterprise Architect for CBC/Radio-Canada. He has over 15 years of Enterprise Architecture experience. Djamel’s areas of special include service-oriented architecture, enterprise architecture integration, business process management, business analytics, data modeling and analysis, and security and risk management.

    Sterling Bjorndahl, Director of Operations, eHealth Saskatchewan

    Sterling Bjorndahl is now the Action CIO for the Sun Country Regional Health Authority, and also assisting eHealth Saskatchewan grow its customer relationship management program. Sterling’s areas of expertise include IT strategy, enterprise architecture, ITIL, and business process management. He serves as the Chair on the Board of Directors for Gardiner Park Child Care.

    Huw Morgan, IT Research Executive, Enterprise Architect

    Huw Morgan has 10+ years experience as a Vice President or Chief Technology Officer in Canadian internet companies. As well, he possesses 20+ years experience in general IT management. Huw’s areas of expertise include enterprise architecture, integration, e-commerce, and business intelligence.

    Serge Parisien, Manager, Enterprise Architecture at Canada Mortgage Housing Corporation

    Serge Parisien is a seasoned IT leader with over 25 years of experience in the field of information technology governance and systems development in both the private and public sectors. His areas of expertise include enterprise architecture, strategy, and project management.

    Alex Coleman, Chief Information Officer at Saskatchewan Workers’ Compensation Board

    Alex Coleman is a strategic, innovative, and results-driven business leader with a proven track record of 20+ years’ experience planning, developing, and implementing global business and technology solutions across multiple industries in the private, public, and not-for-profit sectors. Alex’s expertise includes program management, integration, and project management.

    L.C. (Skip) Lumley , Student of Enterprise and Business Architecture

    Skip Lumley was formerly a Senior Principle at KPMG Canada. He is now post-career and spends his time helping move enterprise business architecture practices forward. His areas of expertise include enterprise architecture program implementation and public sector enterprise architecture business development.

    Additional contributors

    • Tim Gangwish, Enterprise Architect at Elavon
    • Darryl Garmon, Senior Vice President at Elavon
    • Steve Ranaghan, EMEIA business engagement at Fujitsu

    Improve Application Development Throughput

    • Buy Link or Shortcode: {j2store}151|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $59,399 Average $ Saved
    • member rating average days saved: 39 Average Days Saved
    • Parent Category Name: Development
    • Parent Category Link: /development
    • The business is demanding more features at an increasing pace. It is expecting your development teams to keep up with its changing needs while maintaining high quality.
    • However, your development process is broken. Tasks are taking significant time to complete, and development handoffs are not smooth.

    Our Advice

    Critical Insight

    • Lean development is independent of your software development lifecycle (SDLC) methodology. Lean development practices can be used in both Agile and Waterfall teams.
    • Lean isn’t about getting rid of sound development processes. Becoming lean means fine-tuning the integration of core practices like coding and testing.
    • Lean thinking motivates automation. By focusing on optimizing the development process, automation becomes a logical and necessary step toward greater maturity and improved throughput.

    Impact and Result

    • Gain a deep understanding of lean principles and associated behaviors. Become familiar with the core lean principles and the critical attitudes and mindsets required by lean. Understand how incorporating DevOps and Agile principles can help your organization.
    • Conduct a development process and tool review. Use a value-stream analysis of your current development process and tools to reveal bottlenecks and time-consuming or wasteful tasks. Analyze these insights to identify root causes and the impact to product delivery.
    • Incorporate the right tools and practices to become more lean. Optimize the key areas where you are experiencing the most pain and consuming the most resources. Look at how today’s best development and testing practices (e.g. version control, branching) and tools (e.g. automation, continuous integration) can improve the throughput of your delivery pipeline.

    Improve Application Development Throughput Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should make development teams leaner, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Conduct a current state analysis

    Acquire a holistic perspective of the development team, process, and tools to identify the bottlenecks and inefficiency points that are significantly delaying releases.

    • Improve Application Development Throughput – Phase 1: Conduct a Current State Analysis
    • Lean Implementation Roadmap Template
    • Lean Development Readiness Assessment

    2. Define the lean future state

    Identify the development guiding principles and artifact management practices and build automation and continuous integration processes and tools that best fit the context and address the organization’s needs.

    • Improve Application Development Throughput – Phase 2: Define the Lean Future State

    3. Create an implementation roadmap

    Prioritize lean implementation initiatives in a gradual, phased approach and map the critical stakeholders in the lean transformation.

    • Improve Application Development Throughput – Phase 3: Create an Implementation Roadmap
    [infographic]

    Workshop: Improve Application Development Throughput

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Conduct a Current State Analysis

    The Purpose

    Assess the current state of your development environment.

    Select a pilot project to demonstrate the value of your optimization.

    Key Benefits Achieved

    Realization of the root causes behind the bottlenecks and inefficiencies in your current development process.

    Valuation of your current development tools.

    Selection of a pilot project that will be used to gather the metrics in order obtain buy-in for wider optimization initiatives.

    Activities

    1.1 Assess your readiness to transition to lean development.

    1.2 Conduct a SWOT analysis and value-stream assessment of your current development process.

    1.3 Evaluate your development tools.

    1.4 Select a pilot project.

    Outputs

    Lean development readiness assessment

    Current state analysis of development process

    Value assessment of existing development tools

    Pilot project selection

    2 Define Your Lean Future State

    The Purpose

    Establish your development guiding principles.

    Enhance the versioning and management of your development artifacts.

    Automatically build and continuously integrate your code.

    Key Benefits Achieved

    Grounded and well-understood set of guiding principles that are mapped to development tasks and initiatives.

    Version control strategy of development artifacts, including source code, adapted to support lean development.

    A tailored approach to establish the right environment to support automated build, testing, and continuous integration tools.

    Activities

    2.1 Assess your alignment to the lean principles.

    2.2 Define your lean development guiding principles.

    2.3 Define your source code branching approach.

    2.4 Define your build automation approach.

    2.5 Define your continuous integration approach.

    Outputs

    Level of alignment to lean principles

    Development guiding principles

    Source code branching approach

    Build automation approach.

    Continuous integration approach

    3 Create Your Implementation Roadmap

    The Purpose

    Prioritize your optimization initiatives to build an implementation roadmap.

    Identify the stakeholders of your lean transformation.

    Key Benefits Achieved

    Phased implementation roadmap that accommodates your current priorities, constraints, and enablers.

    Stakeholder engagement strategy to effectively demonstrate the value of the optimized development environment.

    Activities

    3.1 Identify metrics to gauge the success of your lean transformation.

    3.2 List and prioritize your implementation steps.

    3.3 Identify the stakeholders of your lean transformation.

    Outputs

    List of product, process, and tool metrics

    Prioritized list of tasks to optimize your development environment

    Identification of key stakeholders

    The Small Enterprise Guide to People and Resource Management

    • Buy Link or Shortcode: {j2store}602|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Train & Develop
    • Parent Category Link: /train-and-develop
    • 52% of small business owners agree that labor quality is their most important problem, and 76% of executives expect the talent market to get even more challenging.
    • The problem? You can't compete on salary, training budgets are slim, you need people skilled in all areas, and even one resignation represents a large part of your workforce.

    Our Advice

    Critical Insight

    • The usual, reactive approach to workforce management is risky:
      • Optimizing tactics helps you hire faster, train more, and negotiate better contracts.
      • But fulfilling needs as they arise costs more, has greater risk of failure, and leaves you unprepared for future needs.
    • In a small enterprise where every resource counts, in which one hire represents 10% of your workforce, it is essential to get it right.

    Impact and Result

    • Workforce planning helps you anticipate future needs.
    • More lead time means better decisions at lower cost.
    • Small Enterprises benefit most, since every resource counts.

    The Small Enterprise Guide to People and Resource Management Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. The Small Enterprise Guide to People and Resource Management Deck – Find out why workforce planning is critical for small enterprises.

    Use this storyboard to lay the foundation of people and resources management practices in your small enterprise IT department.

    • The Small Enterprise Guide to People and Resource Management – Phases 1-3

    2. Workforce Planning Workbook – Use the tool to successfully complete all of the activities required to define and estimate your workforce needs for the future.

    Use these concise exercises to analyze your department’s talent current and future needs and create a skill sourcing strategy to fill the gaps.

    • Workforce Planning Workbook for Small Enterprises

    3. Knowledge Transfer Tools – Use these templates to identify knowledge to be transferred.

    Work through an activity to discover key knowledge held by an employee and create a plan to transfer that knowledge to a successor.

    • IT Knowledge Identification Interview Guide Template
    • IT Knowledge Transfer Plan Template

    4. Development Planning Tools – Use these tools to determine priority development competencies.

    Assess employees’ development needs and draft a development plan that fits with key organizational priorities.

    • IT Competency Library
    • Leadership Competencies Workbook
    • IT Employee Career Development Workbook
    • Individual Competency Development Plan
    • Learning Methods Catalog for IT Employees

    Infographic

    Workshop: The Small Enterprise Guide to People and Resource Management

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Lay Your Foundations

    The Purpose

    Set project direction and analyze workforce needs.

    Key Benefits Achieved

    Planful needs analysis ensures future workforce supports organizational goals.

    Activities

    1.1 Set workforce planning goals and success metrics.

    1.2 Identify key roles and competency gaps.

    1.3 Conduct a risk analysis to identify future needs.

    1.4 Determine readiness of internal successors.

    Outputs

    Work with the leadership team to:

    Extract key business priorities.

    Set your goals.

    Assess workforce needs.

    2 Create Your Workforce Plan

    The Purpose

    Conduct a skill sourcing analysis, and determine competencies to develop internally.

    Key Benefits Achieved

    A careful analysis ensures skills are being sourced in the most efficient way, and internal development is highly aligned with organizational objectives.

    Activities

    2.1 Determine your skill sourcing route.

    2.2 Determine priority competencies for development.

    Outputs

    Create a workforce plan.

    2.Determine guidelines for employee development.

    3 Plan Knowledge Transfer

    The Purpose

    Discover knowledge to be transferred, and build a transfer plan.

    Key Benefits Achieved

    Ensure key knowledge is not lost in the event of a departure.

    Activities

    3.1 Discover knowledge to be transferred.

    3.2 Identify the optimal knowledge transfer methods.

    3.3 Create a knowledge transfer plan.

    Outputs

    Discover tacit and explicit knowledge.

    Create a knowledge transfer roadmap.

    4 Plan Employee Development

    The Purpose

    Create a development plan for all staff.

    Key Benefits Achieved

    A well-structured development plan helps engage and retain employees while driving organizational objectives.

    Activities

    4.1 Identify target competencies & draft development goals

    4.2 Select development activities and schedule check-ins.

    4.3 Build manager coaching skills.

    Outputs

    Assess employees.

    Prioritize development objectives.

    Plan development activities.

    Build management skills.

    Further reading

    The Small Enterprise Guide to People and Resource Management

    Quickly start getting the right people, with the right skills, at the right time

    Is this research right for you?

    Research Navigation

    Managing the people in your department is essential, whether you have three employees or 300. Depending on your available time, resources, and current workforce management maturity, you may choose to focus on the overall essentials, or dive deep into particular areas of talent management. Use the questions below to help guide you to the right Info-Tech resources that best align with your current needs.

    Question If you answered "no" If you answered "yes"

    Does your IT department have fewer than 15 employees, and is your organization's revenue less than $25 million (USD)?

    Review Info-Tech's archive of research for mid-sized and large enterprise clients.

    Follow the guidance in this blueprint.

    Does your organization require a more rigorous and customizable approach to workforce management?

    Follow the guidance in this blueprint.

    Review Info-Tech's archive of research for mid-sized and large enterprise clients.

    Analyst Perspective

    Workforce planning is even more important for small enterprises than large organizations.

    It can be tempting to think of workforce planning as a bureaucratic exercise reserved for the largest and most formal of organizations. But workforce planning is never more important than in small enterprises, where every individual accounts for a significant portion of your overall productivity.

    Without workforce planning, organizations find themselves in reactive mode, hiring new staff as the need arises. They often pay a premium for having to fill a position quickly or suffer productivity losses when a critical role goes unexpectedly vacant.

    A workforce plan helps you anticipate these challenges, come up with solutions to mitigate them, and allocate resources for the most impact, which means a greater return on your workforce investment in the long run.

    This blueprint will help you accomplish this quickly and efficiently. It will also provide you with the essential development and knowledge transfer tools to put your plan into action.

    This is a picture of Jane Kouptsova

    Jane Kouptsova
    Senior Research Analyst, CIO Advisory
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    52% of small business owners agree that labor quality is their most important problem.1

    Almost half of all small businesses face difficulty due to staff turnover.

    76% of executives expect the talent market to get even more challenging.2

    Common Obstacles

    76% of executives expect workforce planning to become a top strategic priority for their organization.2

    But…

    30% of small businesses do not have a formal HR function.3

    Small business leaders are often left at a disadvantage for hiring and retaining the best talent, and they face even more difficulty due to a lack of support from HR.

    Small enterprises must solve the strategic workforce planning problem, but they cannot invest the same time or resources that large enterprises have at their disposal.

    Info-Tech's Approach

    A modular, lightweight approach to workforce planning and talent management, tailored to small enterprises

    Clear activities that guide your team to decisive action

    Founded on your IT strategy, ensuring you have not just good people, but the right people

    Concise yet comprehensive, covering the entire workforce lifecycle from competency planning to development to succession planning and reskilling

    Info-Tech Insight

    Every resource counts. When one hire represents 10% of your workforce, it is essential to get it right.

    1CNBC & SurveyMonkey. 2ADP. 3Clutch.

    Labor quality is small enterprise's biggest challenge

    The key to solving it is strategic workforce planning

    Strategic workforce planning (SWP) is a systematic process designed to identify and address gaps in today's workforce, including pinpointing the human capital needs of the future.

    Linking workforce planning with strategic planning ensures that you have the right people in the right positions, in the right places, at the right time, with the knowledge, skills, and attributes to deliver on strategic business goals.

    SWP helps you understand the makeup of your current workforce and how well prepared it is or isn't (as the case may be) to meet future IT requirements. By identifying capability gaps early, CIOs can prepare to train or develop current staff and minimize the need for severance payouts and hiring costs, while providing clear career paths to retain high performers.

    52%

    of small business owners agree that labor quality is their most important problem.1

    30%

    30% of small businesses have no formal HR function.2

    76%

    of senior leaders expect workforce planning to become the top strategic challenge for their organization.3

    1CNBC & SurveyMonkey. 2Clutch. 3ADP.

    Workforce planning matters more for small enterprises

    You know that staffing mistakes can cost your department dearly. But did you know the costs are greater for small enterprises?

    The price of losing an individual goes beyond the cost of hiring a replacement, which can range from 0.5 to 2 times that employee's salary (Gallup, 2019). Additional costs include loss of productivity, business knowledge, and team morale.

    This is a major challenge for large organizations, but the threat is even greater for small enterprises, where a single individual accounts for a large proportion of IT's productivity. Losing one of a team of 10 means 10% of your total output. If that individual was solely responsible for a critical function, your department now faces a significant gap in its capabilities. And the effect on morale is much greater when everyone is on the same close-knit team.

    And the threat continues when the staffing error causes you not to lose a valuable employee, but to hire the wrong one instead. When a single individual makes up a large percentage of your workforce, as happens on small teams, the effects of talent management errors are magnified.

    A group of 100 triangles is shown above a group of 10 triangles. In each group, one triangle is colored orange, and the rest are colored blue.

    Info-Tech Insight

    One bad hire on a team of 100 is a problem. One bad hire on a team of 10 is a disaster.

    This is an image of Info-Tech's small enterprise guide o people and resource management.

    Blueprint pre-step: Determine your starting point

    People and Resource management is essential for any organization. But depending on your needs, you may want to start at different stages of the process. Use this slide as a quick reference for how the activities in this blueprint fit together, how they relate to other workforce management resources, and the best starting point for you.

    Your IT strategy is an essential input to your workforce plan. It defines your destination, while your workforce is the vessel that carries you there. Ensure you have at least an informal strategy for your department before making major workforce changes, or review Info-Tech's guidance on IT strategy.

    This blueprint covers the parts of workforce management that occur to some extent in every organization:

    • Workforce planning
    • Knowledge transfer
    • Development planning

    You may additionally want to seek guidance on contract and vendor management, if you outsource some part of your workload outside your core IT staff.

    Track metrics

    Consider these example metrics for tracking people and resource management success

    Project Outcome Metric Baseline Target
    Reduced training costs Average cost of training (including facilitation, materials, facilities, equipment, etc.) per IT employee
    Reduced number of overtime hours worked Average hours billed at overtime rate per IT employee
    Reduced length of hiring period Average number of days between job ad posting and new hire start date
    Reduced number of project cancellations due to lack of capacity Total of number of projects cancelled per year
    Increased number of projects completed per year (project throughput) Total number of project completions per year
    Greater net recruitment rate Number of new recruits/Number of terminations and departures
    Reduced turnover and replacement costs Total costs associated with replacing an employee, including position coverage cost, training costs, and productivity loss
    Reduced voluntary turnover rate Number of voluntary departures/Total number of employees
    Reduced productivity loss following a departure or termination Team or role performance metrics (varies by role) vs. one year ago

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2 Phase 3

    Call #1:

    Scope requirements, objectives, and your specific challenges.

    Call #2: Assess current workforce needs.

    Call #4: Determine skill sourcing route.

    Call #6:

    Identify knowledge to be transferred.

    Call #8: Draft development goals and select activities.

    Call #3: Explore internal successor readiness.

    Call #5:Set priority development competencies.

    Call #7: Create a knowledge transfer plan.

    Call #9: Build managers' coaching & feedback skills.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 4 to 6 calls over the course of 3 to 4 months.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Day 1

    Day 2

    Day 3

    Day 4

    Day 5

    1.Lay Your Foundations 2. Create Your Workforce Plan 3. Plan Knowledge Transfer 3. Plan Employee Development Next Steps and Wrap-Up (offsite)
    Activities

    1.1 Set workforce planning goals and success metrics

    1.2 Identify key roles and competency gaps

    1.3 Conduct a risk analysis to identify future needs

    1.4 Determine readiness of internal successors

    1.5 Determine your skill sourcing route

    1.6 Determine priority competencies for development

    3.1 Discover knowledge to be transferred

    3.2 Identify the optimal knowledge transfer methods

    3.3 Create a knowledge transfer plan

    4.1 Identify target competencies & draft development goals

    4.2 Select development activities and schedule check-ins

    4.3 Build manager coaching skills

    Outcomes

    Work with the leadership team to:

    1. Extract key business priorities
    2. Set your goals
    3. Assess workforce needs

    Work with the leadership team to:

    1. Create a workforce plan
    2. Determine guidelines for employee development

    Work with staff and managers to:

    1. Discover tacit and explicit knowledge
    2. Create a knowledge transfer roadmap

    Work with staff and managers to:

    1. Assess employees
    2. Prioritize development objectives
    3. Plan development activities
    4. Build management skills

    Info-Tech analysts complete:

    1. Workshop report
    2. Workforce plan record
    3. Action plan

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Each onsite day is structured with group working sessions from 9-11 a.m. and 1:30-3:30 p.m. and includes Open Analyst Timeslots, where our facilitators are available to expand on scheduled activities, capture and compile workshop results, or review additional components from our comprehensive approach.

    This is a calendar showing days 1-4, and times from 8am-5pm

    Phase 1

    Workforce Planning

    Workforce Planning

    Knowledge Transfer

    Development Planning

    Identify needs, goals, metrics, and skill gaps.

    Select a skill sourcing strategy.

    Discover critical knowledge.

    Select knowledge transfer methods.

    Identify priority competencies.

    Assess employees.

    Draft development goals.

    Provide coaching & feedback.

    The Small Enterprise Guide to People and Resource Management

    Phase Participants

    • Leadership team
    • Managers
    • Human resource partner (if applicable)

    Additional Resources

    Workforce Planning Workbook for Small Enterprises

    Phase pre-step: Gather resources and participants

    1. Ensure you have an up-to-date IT strategy. If you don't have a formal strategy in place, ensure you are aware of the main organizational objectives for the next 3-5 years. Connect with executive stakeholders if necessary to confirm this information.
      If you are not sure of the organizational direction for this time frame, we recommend you consult Info-Tech's material on IT strategy first, to ensure your workforce plan is fully positioned to deliver value to the organization.
    2. Consult with your IT team and gather any documentation pertaining to current roles and skills. Examples include an org chart, job descriptions, a list of current tasks performed/required, a list of company competencies, and a list of outsourced projects.
    3. Gather the right participants. Most of the decisions in this section will be made by senior leadership, but you will also need input from front-line managers. Ensure they are available on an as-needed basis. If your organization has an HR partner, it can also be helpful to involve them in your workforce planning process.

    Formal workforce planning benefits even small teams

    Strategic workforce planning (SWP) is a systematic process designed to identify and address gaps in your workforce today and plan for the human capital needs of the future.

    Your workforce plan is an extension of your IT strategy, ensuring that you have the right people in the right positions, in the right places, at the right time, with the knowledge, skills, and attributes to deliver on strategic business goals.

    SWP helps you understand the makeup of your current workforce and how well prepared it is or isn't (as the case may be) to meet future IT requirements. By identifying capability gaps early, CIOs can prepare to train or develop current staff and minimize the need for severance payouts and hiring costs, while providing clear career paths to retain high performers.

    The smaller the business, the more impact each individual's performance has on the overall success of the organization. When a given role is occupied by a single individual, the organization's performance in that function is determined wholly by one employee. Creating a workforce plan for a small team may seem excessive, but it ensures your organization is not unexpectedly hit with a critical competency gap.

    Right-size your workforce planning process to the size of your enterprise

    Small organizations are 2.2 times more likely to have effective workforce planning processes.1 Be mindful of the opportunities and risks for organizations of your size as you execute the project. How you build your workforce plan will not change drastically based on the size of your organization; however, the scope of your initiative, the size of your team, and the tactics you employ may vary.

    Small Organization

    Medium Organization

    Large Organization

    Project Opportunities

    • Project scope is much more manageable.
    • Communication and planning can be more manageable.
    • Fewer roles can clarify prioritization needs and promotability.
    • Project scope is more manageable.
    • Moderate budget for workforce planning initiatives is needed.
    • Communication and enforcement is easier.
    • Larger candidate pool to pull from.
    • Greater career path options for staff.
    • In-house expertise may be available

    Project Risks

    • Limited resources and time to execute the project.
    • In-house expertise is unlikely.
    • Competencies may be informal and not documented.
    • Limited overlap in responsibilities, resulting in fewer redundancies.
    • Limited staff with experience for the project.
    • Workforce planning may be a lower priority and difficult to generate buy-in for.
    • Requires more staff to manage workforce plan and execute initiatives.
    • Less collective knowledge on staff strengths may make career planning difficult.
    • Geographically dispersed business units make collaboration and communication difficult.

    1 McLean & Company Trends Report 2014

    1.1 Set project outcomes and success metrics

    1-3 hours

    1. As a group, brainstorm key pain points that the IT department experiences due to the lack of a workforce plan. Ask them to consider turnover, retention, training, and talent acquisition.
    2. Discuss any key themes that arise and brainstorm your desired project outcomes. Keep a record of these for future reference and to aid in stakeholder communication.
    3. Break into smaller groups (or if too small, continue as a single group):
      1. For each desired outcome, consider what metrics you could use to track progress. Keep your initial list of pain points in mind as you brainstorm metrics.
      2. Write each of the metric suggestions on a whiteboard and agree to track 3-5 metrics. Set targets for each metric. Consider the effort required to obtain and track the metric, as well as its reliability.
      3. Assign one individual for tracking the selected metrics. Following the meeting, that individual will be responsible for identifying the baseline and targets, and reporting on metrics progress.

    Input

    Output

    • List of workforce data available
    • List of workforce metrics to track the workforce plan's impact

    Materials

    Participants

    • Whiteboard/flip charts
    • Leadership team
    • Human resource partner (if applicable)

    1.2 Identify key roles and competency gaps

    1-3 hours

    1. As a group, identify all strategic, core, and supporting roles by reviewing the organizational chart:
      1. Strategic: What are the roles that must be filled by top performers and cannot be left vacant in order to meet strategic objectives?
      2. Core: What roles are important to drive operational excellence?
      3. Supporting: What roles are required for day-to-day work, but are low risk if the role is vacant for a period of time?
    2. Working individually or in small groups, have managers for each identified role define the level of competence required for the job. Consider factors such as:
      1. The difficulty or criticality of the tasks being performed
      2. The impact on job outcomes
      3. The impact on the performance of other employees
      4. The consequence of errors if the competency is not present
      5. How frequently the competency is used on the job
      6. Whether the competency is required when the job starts or can be learned or acquired on the job within the first six months
    3. Continue working individually and rate the level of proficiency of the current incumbent.
    4. As a group, review the assessment and make any adjustments.

    Record this information in the Workforce Planning Workbook for Small Enterprises.

    Download the Workforce Planning Workbook for Small Enterprises

    1.2 Identify key roles and competency gaps

    Input Output
    • Org chart, job descriptions, list of current tasks performed/required, list of company competencies
    • List of competency gaps for key roles
    Materials Participants
    • Leadership team
    • Managers

    Conduct a risk-of-departure analysis

    A risk-of-departure analysis helps you plan for future talent needs by identifying which employees are most likely to leave the organization (or their current role).

    A risk analysis takes into account two factors: an employee's risk for departure and the impact of departure:

    Employees are high risk for departure if they:

    • Have specialized or in-demand skills (tenured employees are more likely to have this than recent hires)
    • Are nearing retirement
    • Have expressed career aspirations that extend outside your organization
    • Have hit a career development ceiling at your organization
    • Are disengaged
    • Are actively job searching
    • Are facing performance issues or dismissal OR promotion into a new role

    Employees are low risk for departure if they:

    • Are a new hire or new to their role
    • Are highly engaged
    • Have high potential
    • Are 5-10 years out from retirement

    If you are not sure where an employee stands with respect to leaving the organization, consider having a development conversation with them. In the meantime, consider them at medium risk for departure.

    To estimate the impact of departure, consider:

    • The effect of losing the employee in the near- and medium-term, including:
      • Impact on the organization, department, unit/team and projects
      • The cost (in time, resources, and productivity loss) to replace the individual
      • The readiness of internal successors for the role

    1.3 Conduct a risk analysis to identify future needs

    1-3 hours

    Preparation: Your estimation of whether key employees are at risk of leaving the organization will depend on what you know of them objectively (skills, age), as well as what you learn from development conversations. Ensure you collect all relevant information prior to conducting this activity. You may need to speak with employees' direct managers beforehand or include them in the discussion.

    • As a group, list all your current employees, and using the previous slide for guidance, rank them on two parameters: risk of departure and impact of departure, on a scale of low to high. Record your conclusions in a chart like the one on the right. (For a more in-depth risk assessment, use the "Risk Assessment Results" tab of the Key Roles Succession Planning Tool.)
    • Employees that fall in the "Mitigate" quadrant represent key at-risk roles with at least moderate risk and moderate impact. These are your succession planning priorities. Add these roles to your list of key roles and competency gaps, and include them in your workforce planning analysis.
    • Employees that fall in the "Manage" quadrants represent secondary priorities, which should be looked at if there is capacity after considering the "Mitigate" roles.

    Record this information in the Workforce Planning Workbook for Small Enterprises.

    This is an image of the Risk analysis for risk of departure to importance of departure.

    Info-Tech Insight

    Don't be afraid to rank most or all your staff as "high impact of departure." In a small enterprise, every player counts, and you must plan accordingly.

    1.3 Conduct a risk analysis to identify future needs

    Input Output
    • Employee data on competencies, skills, certifications, and performance. Input from managers from informal development conversations.
    • A list of first- and second-priority at-risk roles to carry forward into a succession planning analysis
    Materials Participants
    • Leadership team
    • Managers

    Determine your skill sourcing route

    The characteristics of need steer hiring managers to a preferred choice, while the marketplace analysis will tell you the feasibility of each option.

    Sourcing Options

    Preferred Options

    Final Choice

    four blue circles

    A right facing arrow

    Two blue circles A right facing arrow One blue circle
    State of the Marketplace

    State of the Marketplace

    Urgency: How soon do we need this skill? What is the required time-to-value?

    Criticality: How critical, i.e. core to business goals, are the services or systems that this skill will support?

    Novelty: Is this skill brand new to our workforce?

    Availability: How often, and at what hours, will the skill be needed?

    Durability: For how long will this skill be needed? Just once, or indefinitely for regular operations?

    Scarcity: How popular or desirable is this skill? Do we have a large enough talent pool to draw from? What competition are we facing for top talent?

    Cost: How much will it cost to hire vs. contract vs. outsource vs. train this skill?

    Preparedness: Do we have internal resources available to cultivate this skill in house?

    1.4 Determine your skill sourcing route

    1-3 hours

    1. Identify the preferred sourcing method as a group, starting with the most critical or urgent skill need on your list. Use the characteristics of need to guide your discussion. If more than one option seems adequate, carry several over to the next step.
    2. Consider the marketplace factors applicable to the skill in question and use these to narrow down to one final sourcing decision.
      1. If it is not clear whether a suitable internal candidate is available or ready, refer to the next activity for a readiness assessment.
    3. Be sure to document the rationale supporting your decision. This will ensure the decision can be clearly communicated to any stakeholders, and that you can review on your decision-making process down the line.

    Record this information in the Workforce Planning Workbook for Small Enterprises.

    Info-Tech Insight

    Consider developing a pool of successors instead of pinning your hopes on just one person. A single pool of successors can be developed for either one key role that has specialized requirements or even multiple key roles that have generic requirements.

    Input

    Output

    • List of current and upcoming skill gaps
    • A sourcing decision for each skill

    Materials

    Participants

    • Leadership team
    • Human resource partner (if applicable)

    1.5 Determine readiness of internal successors

    1-3 hours

    1. As a group, and ensuring you include the candidates' direct managers, identify potential successors for the first role on your list.
    2. Ask how effectively the potential successor would serve in the role today. Review the competencies for the key role in terms of:
      1. Relationship-building skills
      2. Business skills
      3. Technical skills
      4. Industry-specific skills or knowledge
    3. Determine what competencies the succession candidate currently has and what must be learned. Be sure you know whether the candidate is open to a career change. Don't assume – if this is not clear, have a development conversation to ensure everyone is on the same page.
    4. Finally, determine how difficult it will be for the successor to acquire missing skills or knowledge, whether the resources are available to provide the required development, and how long it will take to provide it.
    5. As a group, decide whether training an internal successor is a viable option for the role in question, considering the successor's readiness and the characteristics of need for the role. If a clear successor is not readily apparent, consider:
      1. If the development of the successor can be fast-tracked, or if some requirements can be deprioritized and the successor provided with temporary support from other employees.
      2. If the role in question is being discussed because the current incumbent is preparing to leave, consider negotiating an arrangement that extends the incumbent's employment tenure.
    6. Record the decision and repeat for the next role on your list.

    Info-Tech Insight

    A readiness assessment helps to define not just development needs, but also any risks around the organization's ability to fill a key role.

    Input

    Output

    • List of roles for which you are considering training internally
    • Job descriptions and competency requirements for the roles
    • List of roles for which internal successors are a viable option

    Materials

    Participants

    • Leadership team
    • Candidates' direct managers, if applicable

    Use alternative work arrangements to gain time to prepare successors

    Alternative work arrangements are critical tools that employers can use to achieve a mutually beneficial solution that mitigates the risk of loss associated with key roles.

    Alternative work arrangements not only support employees who want to keep working, but more importantly, they allow the business to retain employees that are needed in key roles who are departure risks due to retirement.

    Viewing retirement as a gradual process can help you slow down skill loss in your organization and ensure you have sufficient time to train successors. Retiring workers are becoming increasingly open to alternative work arrangements. Among employed workers aged 50-75, more than half planned to continue working part-time after retirement.
    Source: Statistics Canada.

    Flexible work options are the most used form of alternative work arrangement

    A bar graph showing the percent of organizations who implemented alternate work arrangement, for Flexible work options; Contract based work; Part time roles; Graduated retirement programs; Part year jobs or job sharing; Increased PTO for employees over a certain age.

    Source: McLean & Company, N=44

    Choose the alternative work arrangement that works best for you and the employee

    Alternative Work Arrangement Description Ideal Use Caveats
    Flexible work options Employees work the same number of hours but have flexibility in when and where they work (e.g. from home, evenings). Employees who work fairly independently with no or few direct reports. Employee may become isolated or disconnected, impeding knowledge transfer methods that require interaction or one-on-one time.
    Contract-based work Working for a defined period of time on a specific project on a non-salaried or non-wage basis. Project-oriented work that requires specialized knowledge or skills. Available work may be sporadic or specific projects more intensive than the employee wants. Knowledge transfer must be built into the contractual arrangement.
    Part-time roles Half days or a certain number of days per week; indefinite with no end date in mind. Employees whose roles can be readily narrowed and upon whom people and critical processes are not dependent. It may be difficult to break a traditionally full-time job down into a part-time role given the size and nature of associated tasks.
    Graduated retirement Retiring employee has a set retirement date, gradually reducing hours worked per week over time. Roles where a successor has been identified and is available to work alongside the incumbent in an overlapping capacity while he or she learns. The role may only require a single FTE, and the organization may not be able to afford the amount of redundancy inherent in this arrangement.

    Choose the alternative work arrangement that works best for you and the employee

    Alternative Work Arrangement Description Ideal Use Caveats
    Part-year jobs or job sharing Working part of the year and having the rest of the year off, unpaid. Project-oriented work where ongoing external relationships do not need to be maintained. The employee is unavailable for knowledge transfer activities for a large portion of the year. Another risk is that the employee may opt not to return at the end of the extended time off with little notice.
    Increased paid time off Additional vacation days upon reaching a certain age. Best used as recognition or reward for long-term service. This may be a particularly useful retention incentive in organizations that do not offer pension plans. The company may not be able to financially afford to pay for such extensive time off. If the role incumbent is the only one in the role, this may mean crucial work is not being done.
    Altered roles Concentration of a job description on fewer tasks that allows the employee to focus on his or her specific expertise. Roles where a successor has been identified and is available to work alongside the incumbent, with the incumbent's new role highly focused on mentoring. The role may only require a single FTE, and the organization may not be able to afford the amount of redundancy inherent in this arrangement.

    Phase 2

    Knowledge Transfer

    Workforce Planning

    Knowledge Transfer

    Development Planning

    Identify needs, goals, metrics, and skill gaps.

    Select a skill sourcing strategy.

    Discover critical knowledge.

    Select knowledge transfer methods.

    Identify priority competencies.

    Assess employees.

    Draft development goals.

    Provide coaching & feedback.

    The Small Enterprise Guide to People and Resource Management

    Phase Participants

    • Leadership/management team
    • Incumbent & successor

    Additional Resources

    IT Knowledge Identification Interview Guide Template

    Knowledge Transfer Plan Template

    Determine your skill sourcing route

    Knowledge transfer plans have three key components that you need to complete for each knowledge source:

    Define what knowledge needs to be transferred

    Each knowledge source has unique information which needs to be transferred. Chances are you don't know what you don't know. The first step is therefore to interview knowledge sources to find out.

    Identify the knowledge receiver

    Depending on who the information is going to, the knowledge transfer tactic you employ will differ. Before deciding on the knowledge receiver and tactic, consider three key factors:

    • How will this knowledge be used in the future?
    • What is the next career step for the knowledge receiver?
    • Are the receiver and the source going to be in the same location?

    Identify which knowledge transfer tactics you will use for each knowledge asset

    Not all tactics are good in every situation. Always keep the "knowledge type" (information, process, skills, and expertise), knowledge sources' engagement level, and the knowledge receiver in mind as you select tactics.

    Don't miss tacit knowledge

    There are two basic types of knowledge: "explicit" and "tacit." Ensure you capture both to get a well-rounded overview of the role.

    Explicit Tacit
    • "What knowledge" – knowledge can be articulated, codified, and easily communicated.
    • Easily explained and captured – documents, memos, speeches, books, manuals, process diagrams, facts, etc.
    • Learn through reading or being told.
    • "How knowledge" – intangible knowledge from an individual's experience that is more from the process of learning, understanding, and applying information (insights, judgments, and intuition).
    • Hard to verbalize, and difficult to capture and quantify.
    • Learn through observation, imitation, and practice.

    Types of explicit knowledge

    Types of tacit knowledge

    Information Process Skills Expertise

    Specialized technical knowledge.

    Unique design capabilities/methods/models.

    Legacy systems, details, passwords.

    Special formulas/algorithms/ techniques/contacts.

    • Specialized research & development processes.
    • Proprietary production processes.
    • Decision-making processes.
    • Legacy systems.
    • Variations from documented processes.
    • Techniques for executing on processes.
    • Relationship management.
    • Competencies built through deliberate practice enabling someone to act effectively.
    • Company history and values.
    • Relationships with key stakeholders.
    • Tips and tricks.
    • Competitor history and differentiators.

    e.g. Knowing the lyrics to a song, building a bike, knowing the alphabet, watching a YouTube video on karate.

    e.g. Playing the piano, riding a bike, reading or speaking a language, earning a black belt in karate.

    Embed your knowledge transfer methods into day-to-day practice

    Multiple methods should be used to transfer as much of a person's knowledge as possible, and mentoring should always be one of them. Select your method according to the following criteria:

    Info-Tech Insight

    The more integrated knowledge transfer is in day-to-day activities, the more likely it is to be successful, and the lower the time cost. This is because real learning is happening at the same time real work is being accomplished.

    Type of Knowledge

    • Tacit knowledge transfer methods are often informal and interactive:
      • Mentoring
      • Multi-generational work teams
      • Networks and communities
      • Job shadowing
    • Explicit knowledge transfer methods tend to be more formal and one way:
      • Formal documentation of processes and best practices
      • Self-published knowledge bases
      • Formal training sessions
      • Formal interviews

    Incumbent's Preference/Successor's Preference

    Ensure you consult the employees, and their direct manager, on the way they are best prepared to teach and learn. Some examples of preferences include:

    1. Prefer traditional classroom learning, augmented with participation, critical reflection, and feedback.
    2. May get bored during formal training sessions and retain more during job shadowing.
    3. Prefer to be self-directed or self-paced, and highly receptive to e-learning and media.
    4. Prefer informal, incidental learning, tend to go immediately to technology or direct access to people. May have a short attention span and be motivated by instant results.
    5. May be uncomfortable with blogs and wikis, but comfortable with SharePoint.

    Cost

    Consider costs beyond the monetary. Some methods require an investment in time (e.g. mentoring), while others require an investment in technology (e.g. knowledge bases).

    The good news is that many supporting technologies may already exist in your organization or can be acquired for free.

    Methods that cost time may be difficult to get underway since employees may feel they don't have the time or must change the way they work.

    2.1 Create a knowledge transfer plan

    1-3 hours

    1. Working together with the current incumbent, brainstorm the key information pertaining to the role that you want to pass on to the successor. Use the IT Knowledge Identification Interview Guide Template to ensure you don't miss anything.
      • Consider key knowledge areas, including:
        • Specialized technical knowledge.
        • Specialized research and development processes.
        • Unique design capabilities/methods/models.
        • Special formulas/algorithms/techniques.
        • Proprietary production processes.
        • Decision-making criteria.
        • Innovative sales methods.
        • Knowledge about key customers.
        • Relationships with key stakeholders.
        • Company history and values.
      • Ask questions of both sources and receivers of knowledge to help determine the best knowledge transfer methods to use.
        • What is the nature of the knowledge? Explicit or tacit?
        • Why is it important to transfer?
        • How will the knowledge be used?
        • What knowledge is critical for success?
        • How will the users find and access it?
        • How will it be maintained and remain relevant and usable?
        • What are the existing knowledge pathways or networks connecting sources to recipients?
    2. Once the knowledge has been identified, use the information on the following slides to decide on the most appropriate methods. Be sure to consult the incumbent and successor on their preferences.
    3. Prioritize your list of knowledge transfer activities. It's important not to try to do too much too quickly. Focus on some quick wins and leverage the success of these initiatives to drive the project forward. Follow these steps as a guide:
      1. Take an inventory of all the tactics and techniques which you plan to employ. Eliminate redundancies where possible.
      2. Start your implementation with your highest risk role or knowledge item, using explicit knowledge transfer tactics. Interviews, use cases, and process mapping will give you some quick wins and will help gain momentum for the project.
      3. Then move forward to other tactics, the majority of which will require training and process design. Pick 1-2 other key tactics you would like to employ and build those out. For tactics that require resources or monetary investment, start with those that can be reused for multiple roles.

    Record your plan in the IT Knowledge Transfer Plan Template.

    Download the IT Knowledge Identification Interview Guide Template

    Download the Knowledge Transfer Plan Template

    Info-Tech Insight

    Wherever possible, ask employees about their personal learning styles. It's likely that a collaborative compromise will have to be struck for knowledge transfer to work well.

    2.1 Create a knowledge transfer plan

    Input

    Output

    • List of roles for which you need to transfer knowledge
    • Prioritized list of knowledge items and chosen transfer method

    Materials

    Participants

    • Leadership team
    • Incumbent
    • Successor

    Not every transfer method is effective for every type of knowledge

    Knowledge Type
    Tactic Explicit Tacit
    Information Process Skills Expertise
    Interviews Very Strong Strong Strong Strong
    Process Mapping Medium Very Strong Very Weak Very Weak
    Use Cases Medium Very Strong Very Weak Very Weak
    Job Shadow Very Weak Medium Very Strong Very Strong
    Peer Assist Strong Medium Very Strong Very Strong
    Action Review Medium Medium Strong Strong
    Mentoring Weak Weak Strong Very Strong
    Transition Workshop Strong Strong Strong Weak
    Storytelling Weak Weak Strong Very Strong
    Job Share Weak Weak Very Strong Very Strong
    Communities of Practice Strong Weak Very Strong Very Strong

    This table shows the relative strengths and weaknesses of each knowledge transfer tactic compared against four different knowledge types.

    Not all techniques are effective for all types of knowledge; it is important to use a healthy mixture of techniques to optimize effectiveness.

    Employees' engagement can impact knowledge transfer effectiveness

    Level of Engagement
    Tactic Disengaged/ Indifferent Almost Engaged - Engaged
    Interviews Yes Yes
    Process Mapping Yes Yes
    Use Cases Yes Yes
    Job Shadow No Yes
    Peer Assist Yes Yes
    Action Review Yes Yes
    Mentoring No Yes
    Transition Workshop Yes Yes
    Storytelling No Yes
    Job Share Maybe Yes
    Communities of Practice Maybe Yes

    When considering which tactics to employ, it's important to consider the knowledge holder's level of engagement. Employees who you would identify as being disengaged may not make good candidates for job shadowing, mentoring, or other tactics where they are required to do additional work or are asked to influence others.

    Knowledge transfer can be controversial for all employees as it can cause feelings of job insecurity. It's essential that motivations for knowledge transfer are communicated effectively.

    Pay particular attention to your communication style with disengaged and indifferent employees, communicate frequently, and tie communication back to what's in it for them.

    Putting disengaged employees in a position where they are mentoring others can be a risk, as their negativity could influence others not to participate, or it could negate the work you're doing to create a positive knowledge sharing culture.

    Employees' engagement can impact knowledge transfer effectiveness

    Effort by Stakeholder

    Tactic

    Business Analyst

    IT Manager

    Knowledge Holder

    Knowledge Receiver

    Interviews

    These tactics require the least amount of effort, especially for organizations that are already using these tactics for a traditional requirements gathering process.

    Medium

    N/A

    Low

    Low

    Process Mapping

    Medium

    N/A

    Low

    Low

    Use Cases

    Medium

    N/A

    Low

    Low

    Job Shadow

    Medium

    Medium

    Medium

    Medium

    Peer Assist

    Medium

    Medium

    Medium

    Medium

    Action Review

    These tactics generally require more involvement from IT management and the BA in tandem for preparation. They will also require ongoing effort for all stakeholders. It's important to gain stakeholder buy-in as it is key for success.

    Low

    Medium

    Medium

    Low

    Mentoring

    Medium

    High

    High

    Medium

    Transition Workshop

    Medium

    Low

    Medium

    Low

    Storytelling

    Medium

    Medium

    Low

    Low

    Job Share

    Medium

    High

    Medium

    Medium

    Communities of Practice

    High

    Medium

    Medium

    Medium

    Phase 3

    Development Planning

    Workforce Planning

    Knowledge Transfer

    Development Planning

    Identify needs, goals, metrics, and skill gaps.

    Select a skill sourcing strategy.

    Discover critical knowledge.

    Select knowledge transfer methods.

    Identify priority competencies.

    Assess employees.

    Draft development goals.

    Provide coaching & feedback.

    The Small Enterprise Guide to People and Resource Management

    Phase Participants

    • Leadership team
    • Managers
    • Employees

    Additional Resources

    Effective development planning hinges on robust performance management

    Your performance management framework is rooted in organizational goals and defines what it means to do any given role well.

    Your organization's priority competencies are the knowledge, skills and attributes that enable an employee to do the job well.

    Each individual's development goals are then aimed at building these priority competencies.

    Mission Statement

    To be the world's leading manufacturer and distributor of widgets.

    Business Goal

    To increase annual revenue by 10%.

    IT Department Objective

    To ensure reliable communications infrastructure and efficient support for our sales and development teams.

    Individual Role Objective

    To decrease time to resolution of support requests by 10% while maintaining quality.

    Info-Tech Insight

    Without a performance management framework, your employees cannot align their development with the organization's goals. For detailed guidance, see Info-Tech's blueprint Setting Meaningful Employee Performance Measures.

    What is a competency?

    The term "competency" refers to the collection of knowledge, skills, and attributes an employee requires to do a job well.

    Often organizations have competency frameworks that consist of core, leadership, and functional competencies.

    Core competencies apply to every role in the organization. Typically, they are tied to organizational values and business mission and/or vision.

    Functional competencies are at the department, work group, or job role levels. They are a direct reflection of the function or type of work carried out.

    Leadership competencies generally apply only to people managers in the organization. Typically, they are tied to strategic goals in the short to medium term

    Generic Functional
    • Core
    • Leadership
    • IT
    • Finance
    • Sales
    • HR

    Use the SMART model to make sure goals are reasonable and attainable

    S

    Specific: Be specific about what you want to accomplish. Think about who needs to be involved, what you're trying to accomplish, and when the goal should be met.

    M

    Measurable: Set metrics that will help to determine whether the goal has been reached.

    A

    Achievable: Ensure that you have both the organizational resources and employee capability to accomplish the goal.

    R

    Relevant: Goals must align with broader business, department, and development goals in order to be meaningful.

    T

    Time-bound: Provide a target date to ensure the goal is achievable and provide motivation.

    Example goal:

    "Learn Excel this summer."

    Problems:

    Not specific enough, not measurable enough, nor time bound.

    Alternate SMART goal:

    "Consult with our Excel expert and take the lead on creating an Excel tool in August."

    3.2 Identify target competencies & draft development goals

    1 hour

    Pre-work: Employees should come to the career conversation having done some self-reflection. Use Info-Tech's IT Employee Career Development Workbook to help employees identify their career goals.

    1. Pre-work: Managers should gather any data they have on the employee's current proficiency at key competencies. Potential sources include task-based assessments, performance ratings, supervisor or peer feedback, and informal conversation.

      Prioritize competencies. Using your list of priority organizational competencies, work with your employees to help them identify two to four competencies to focus on developing now and in the future. Use the Individual Competency Development Plan template to document your assessment and prioritize competencies for development. Consider the following questions for guidance:
      1. Which competencies are needed in my current role that I do not have full proficiency in?
      2. Which competencies are related to both my career interests and the organization's priorities?
      3. Which competencies are related to each other and could be developed together or simultaneously?
    2. Draft goals. Ask your employee to create a list of multiple simple goals to develop the competencies they have selected to work on developing over the next year. Identifying multiple goals helps to break development down into manageable chunks. Ensure goals are concrete, for example, if the competency is "communication skills," your development goals could be "presentation skills" and "business writing."
    3. Review goals:
      1. Ask why these areas are important to the employee.
      2. Share your ideas and why it is important that the employee develop in the areas identified.
      3. Ensure that the goals are realistic. They should be stretch goals, but they must be achievable. Use the SMART framework on the previous slide for guidance.

    Info-Tech Insight

    Lack of career development is the top reason employees leave organizations. Development activities need to work for both the organization and the employee's own development, and clearly link to advancing employees' careers either at the organization or beyond.

    Download the IT Employee Career Development Workbook

    Download the Individual Competency Development Plan

    3.2 Identify target competencies & draft development goals

    Input

    Output

    • Employee's career aspirations
    • List of priority organizational competencies
    • Assessment of employee's current proficiency
    • A list of concrete development goals

    Materials

    Participants

    • Employee
    • Direct manager

    Apply a blend of learning methods

    • Info-Tech recommends the 70-20-10 principle for learning and development, which places the greatest emphasis on learning by doing. This experiential learning is then supported by feedback from mentoring, training, and self-reflection.
    • Use the 70-20-10 principle as a guideline – the actual breakdown of your learning methods will need to be tailored to best suit your organization and the employee's goals.

    Spend development time and effort wisely:

    70%

    On providing challenging on-the-job opportunities

    20%

    On establishing opportunities for people to develop learning relationships with others, such as coaching and mentoring

    10%

    On formal learning and training programs

    Internal initiatives are a cost-effective development aid

    Internal Initiative

    What Is It?

    When to Use It

    Special Project

    Assignment outside of the scope of the day-to-day job (e.g. work with another team on a short-term initiative).

    As an opportunity to increase exposure and to expand skills beyond those required for the current job.

    Stretch Assignment

    The same projects that would normally be assigned, but in a shorter time frame or with a more challenging component.

    Employee is consistently meeting targets and you need to see what they're capable of.

    Training Others

    Training new or more junior employees on their position or a specific process.

    Employee wants to expand their role and responsibility and is proficient and positive.

    Team Lead On an Assignment

    Team lead for part of a project or new initiative.

    To prepare an employee for future leadership roles by increasing responsibility and developing basic managerial skills.

    Job Rotation

    A planned placement of employees across various roles in a department or organization for a set period of time.

    Employee is successfully meeting and/or exceeding job expectations in their current role.

    Incorporating a development objective into daily tasks

    What do we mean by incorporating into daily tasks?

    The next time you assign a project to an employee, you should also ask the employee to think about a development goal for the project. Try to link it back to their existing goals or have them document a new goal in their development plan.

    For example: A team of employees always divides their work in the same way. Their goal for their next project could be to change up the division of responsibility so they can learn each other's roles.

    Another example:

    "I'd like you to develop your ability to explain technical terms to a non-technical audience. I'd like you to sit down with the new employee who starts tomorrow and explain how to use all our software, getting them up and running."

    Info-Tech Insight

    Employees often don't realize that they are being developed. They either think they are being recognized for good work or they are resentful of the additional workload.

    You need to tell your employees that the activity you are asking them to do is intended to further their development.

    However, be careful not to sell mundane tasks as development opportunities – this is offensive and detrimental to engagement.

    Establish manager and employee accountability for following up

    Ensure that the employee makes progress in developing prioritized competencies by defining accountabilities:

    Tracking Progress

    Checking In

    Development Meetings

    Coaching & Feedback

    Employee accountability:

    • Employees need to keep track of what they learn.
    • Employees should take the time to reflect on their progress.

    Manager accountability:

    • Managers need to make the time for employees to reflect.

    Employee accountability:

    • Employees need to provide managers with updates and ask for help.

    Manager accountability:

    • Managers need to check in with employees to see if they need additional resources.

    Employee accountability:

    • Employees need to complete assessments again to determine whether they have made progress.

    Manager accountability:

    • Managers should schedule monthly meetings to discuss progress and identify next steps.

    Employee accountability:

    • Employees should ask their manager and colleagues for feedback after development activities.

    Manager accountability:

    • Managers can use both scheduled meetings and informal conversations to provide coaching and feedback to employees.

    3.3 Select development activities and schedule check-ins

    1-3 hours

    Pre-work: Employees should research potential development activities and come prepared with a range of suggestions.

    Pre-work: Managers should investigate options for employee development, such as internal training/practice opportunities for the employee's selected competencies and availability of training budget.

    1. Communicate your findings about internal opportunities and external training allowance to the employee. This can also be done prior to the meeting, to help guide the employee's own research. Address any questions or concerns.
    2. Review the employee's proposed list of activities, and identify priority ones based on:
      1. How effectively they support the development of priority competencies.
      2. How closely they match the employee's original goals.
      3. The learning methods they employ, and whether the chosen activities support a mix of different methods.
      4. The degree to which the employee will have a chance to practice new skills hands-on.
      5. The amount of time the activities require, balanced against the employee's work obligations.
    3. Guide the employee in selecting activities for the short and medium term. Establish an understanding that this list is tentative and subject to ongoing revision during future check-ins.
      1. If in doubt about whether the employee is over-committing, err on the side of fewer activities to start.
    4. Schedule a check-in for one month out to review progress and roadblocks, and to reaffirm priorities.
    5. Check-ins should be repeated regularly, typically once a month.

    Download the Learning Methods Catalog

    Info-Tech Insight

    Adopt a blended learning approach using a variety of techniques to effectively develop competencies. This will reinforce learning and accommodate different learning styles. See Info-Tech's Learning Methods Catalog for a description of popular experiential, relational, and formal learning methods.

    3.3 Select development activities and schedule check-ins

    Input

    Output

    • List of potential development activities (from employee)
    • List of organizational resources (from manager)
    • A selection of feasible development activities
    • Next check-in scheduled

    Materials

    Participants

    • Employee
    • Direct manager

    Tips for tricky conversations about development

    What to do if…

    Employees aren't interested in development:

    • They may have low aspiration for advancement.
    • Remind them about the importance of staying current in their role given increasing job requirements.
    • Explain that skill development will make their job easier and make them more successful at it; sell development as a quick and effective way to learn the skill.
    • Indicate your support and respond to concerns.

    Employees have greater aspiration than capability:

    • Explain that there are a number of skills and capabilities that they need to improve in order to move to the next level. If the specific skills were not discussed during the performance appraisal, do not hesitate to explain the improvements that you require.
    • Inform the employee that you want them to succeed and that by pushing too far and too fast they risk failure, which would not be beneficial to anyone.
    • Reinforce that they need to do their current job well before they can be considered for promotion.

    Employees are offended by your suggestions:

    • Try to understand why they are offended. Before moving forward, clarify whether they disagree with the need for development or the method by which you are recommending they be developed.
    • If it is because you told them they had development needs, then reiterate that this is about helping them to become better and that everyone has areas to develop.
    • If it is about the development method, discuss the different options, including the pros and cons of each.

    Coaching and feedback skills help managers guide employee development

    Coaching and providing feedback are often confused. Managers often believe they are coaching when they are just giving feedback. Learn the difference and apply the right approach for the right situation.

    What is coaching?

    A conversation in which a manager asks questions to guide employees to solve problems themselves.

    Coaching is:

    • Future-focused
    • Collaborative
    • Geared toward growth and development

    What is feedback?

    Information conveyed from the manager to the employee about their performance.

    Feedback is:

    • Past-focused
    • Prescriptive
    • Geared toward behavior and performance

    Info-Tech Insight

    Don't forget to develop your managers! Ensure coaching, feedback, and management skills are part of your management team's development plan.

    Understand the foundations of coaching to provide effective development coaching:

    Knowledge Mindset Relationship
    • Understand what coaching is and how to apply it:
    • Identify when to use coaching, feedback, or other people management practices, and how to switch between them.
    • Know what coaching can and cannot accomplish.
    • When focusing on performance, guide an employee to solve problems related to their work. When focusing on development, guide an employee to reach their own development goals.
    • Adopt a coaching mindset by subscribing to the following beliefs:
    • Employees want to achieve higher performance and have the potential to do so.
    • Employees have a unique and valuable perspective to share of the challenges they face as well as the possible solutions.
    • Employees should be empowered to realize solutions themselves to motivate them in achieving goals.
    • Develop a relationship of trust between managers and employees:
    • Create an environment of psychological safety where employees feel safe to be open and honest.
    • Involve employees in decision making and inform employees often.
    • Invest in employees' success.
    • Give and expect candor.
    • Embrace failure.

    Apply the "4A" behavior-focused coaching model

    Using a model allows every manager, even those with little experience, to apply coaching best practices effectively.

    Actively Listen

    Ask

    Action Plan

    Adapt

    Engage with employees and their message, rather than just hearing their message.

    Key active listening behaviors:

    • Provide your undivided attention.
    • Observe both spoken words and body language.
    • Genuinely try to understand what the employee is saying.
    • Listen to what is being said, then paraphrase back what you heard.

    Ask thoughtful, powerful questions to learn more information and guide employees to uncover opportunities and/or solutions.

    Key asking behaviors:

    • Ask open-ended questions.
    • Ask questions to learn something you didn't already know.
    • Ask for reasoning (the why).
    • Ask "what else?"

    Hold employees and managers accountable for progress and results.

    During check-ins, review each development goal to ensure employees are meeting their targets.

    Key action planning behaviors:

    Adapt to individual employees and situations.

    Key adapting behaviors:

    • Recognize employees' unique characteristics.
    • Appreciate the situation at hand and change your behavior and communication in order to best support the individual employee.

    Use the following questions to have meaningful coaching conversations

    Opening Questions

    • What's on your mind?
    • Do you feel you've had a good week/month?
    • What is the ideal situation?
    • What else?

    Problem-Identifying Questions

    • What is most important here?
    • What is the challenge here for you?
    • What is the real challenge here for you?
    • What is getting in the way of you achieving your goal?

    Problem-Solving Questions

    • What are some of the options available?
    • What have you already tried to solve this problem? What worked? What didn't work?
    • Have you considered all the possibilities?
    • How can I help?

    Next-Steps Questions

    • What do you need to do, and when, to achieve your goal?
    • What resources are there to help you achieve your goal? This includes people, tools, or even resources outside our organization.
    • How will you know when you have achieved your goal? What does success look like?

    The purpose of asking questions is to guide the conversation and learn something you didn't already know. Choose the questions you ask based on the flow of the conversation and on what information you would like to uncover. Approach the answers you get with an open mind.

    Info-Tech Insight

    Avoid the trap of "hidden agenda" questions, whose real purpose is to offer your own advice.

    Use the following approach to give effective feedback

    Provide the feedback in a timely manner

    • Plan the message you want to convey.
    • Provide feedback "just-in-time."
    • Ensure recipient is not preoccupied.
    • Try to balance the feedback; refer to successful as well as unsuccessful behavior.

    Communicate clearly, using specific examples and alternative behaviors

    • Feedback must be honest and helpful.
    • Be specific and give a recent example.
    • Be descriptive, not evaluative.
    • Relate feedback to behaviors that can be changed.
    • Give an alternative positive behavior.

    Confirm their agreement and understanding

    • Solicit their thoughts on the feedback.
    • Clarify if not understood; try another example.
    • Confirm recipient understands and accepts the feedback.

    Manager skill is crucial to employee development

    Development is a two-way street. This means that while employees are responsible for putting in the work, managers must enable their development with support and guidance. The latter is a skill, which managers must consciously cultivate.

    For more in-depth management skills development, see the Info-Tech "Build a Better Manager" training resources:

    Bibliography

    Anderson, Kelsie. "Is Your IT Department Prepared for the 4 Biggest Challenges of 2017?" 14 June 2017.
    Atkinson, Carol, and Peter Sandiford. "An Exploration of Older Worker Flexible Working Arrangements in Smaller Firms." Human Resource Management Journal, vol. 26, no. 1, 2016, pp. 12–28. Wiley Online Library.
    BasuMallick, Chiradeep. "Top 8 Best Practices for Employee Cross-Training." Spiceworks, 15 June 2020.
    Birol, Andy. "4 Ways You Can Succeed With a Staff That 'Wears Multiple Hats.'" The Business Journals, 26 Nov. 2013.
    Bleich, Corey. "6 Major Benefits To Cross-Training Employees." EdgePoint Learning, 5 Dec. 2018.
    Cancialosi, Chris. "Cross-Training: Your Best Defense Against Indispensable Employees." Forbes, 15 Sept. 2014.
    Cappelli, Peter, and Anna Tavis. "HR Goes Agile." Harvard Business Review, Mar. 2018.
    Chung, Kai Li, and Norma D'Annunzio-Green. "Talent Management Practices of SMEs in the Hospitality Sector: An Entrepreneurial Owner-Manager Perspective." Worldwide Hospitality and Tourism Themes, vol. 10, no. 4, Jan. 2018.
    Clarkson, Mary. Developing IT Staff: A Practical Approach. Springer Science & Business Media, 2012.
    "CNBC and SurveyMonkey Release Latest Small Business Survey Results." Momentive, 2019. Press Release. Accessed 6 Aug. 2020.
    Cselényi, Noémi. "Why Is It Important for Small Business Owners to Focus on Talent Management?" Jumpstart:HR | HR Outsourcing and Consulting for Small Businesses and Startups, 25 Mar. 2013.
    dsparks. "Top 10 IT Concerns for Small Businesses." Stratosphere Networks IT Support Blog - Chicago IT Support Technical Support, 16 May 2017.
    Duff, Jimi. "Why Small to Mid-Sized Businesses Need a System for Talent Management | Talent Management Blog | Saba Software." Saba, 17 Dec. 2018.
    Employment and Social Development Canada. "Age-Friendly Workplaces: Promoting Older Worker Participation." Government of Canada, 3 Oct. 2016.
    Exploring Workforce Planning. Accenture, 23 May 2017.
    "Five Major IT Challenges Facing Small and Medium-Sized Businesses." Advanced Network Systems. Accessed 25 June 2020.
    Harris, Evan. "IT Problems That Small Businesses Face." InhouseIT, 17 Aug. 2016.
    Heathfield, Susan. "What Every Manager Needs to Know About Succession Planning." Liveabout, 8 June 2020.
    ---. "Why Talent Management Is an Important Business Strategy." Liveabout, 29 Dec. 2019.
    Herbert, Chris. "The Top 5 Challenges Facing IT Departments in Mid-Sized Companies." ExpertIP, 25 June 2012.
    How Smaller Organizations Can Use Talent Management to Accelerate Growth. Avilar. Accessed 25 June 2020.
    Krishnan, TN, and Hugh Scullion. "Talent Management and Dynamic View of Talent in Small and Medium Enterprises." Human Resource Management Review, vol. 27, no. 3, Sept. 2017, pp. 431–41.
    Mann Jackson, Nancy. "Strategic Workforce Planning for Midsized Businesses." ADP, 6 Feb. 2017.
    McCandless, Karen. "A Beginner's Guide to Strategic Talent Management (2020)." The Blueprint, 26 Feb. 2020.
    McFeely, Shane, and Ben Wigert. "This Fixable Problem Costs U.S. Businesses $1 Trillion." Gallup.com, 13 Mar. 2019.
    Mihelič, Katarina Katja. Global Talent Management Best Practices for SMEs. Jan. 2020.
    Mohsin, Maryam. 10 Small Business Statistics You Need to Know in 2020 [May 2020]. 4 May 2020.
    Ramadan, Wael H., and B. Eng. The Influence of Talent Management on Sustainable Competitive Advantage of Small and Medium Sized Establishments. 2012, p. 15.
    Ready, Douglas A., et al. "Building a Game-Changing Talent Strategy." Harvard Business Review, no. January–February 2014, Jan. 2014.
    Reh, John. "Cross-Training Employees Strengthens Engagement and Performance." Liveabout, May 2019.
    Rennie, Michael, et al. McKinsey on Organization: Agility and Organization Design. McKinsey, May 2016.
    Roddy, Seamus. "The State of Small Business Employee Benefits in 2019." Clutch, 18 Apr. 2019.
    SHRM. "Developing Employee Career Paths and Ladders." SHRM, 28 Feb. 2020.
    Strandberg, Coro. Sustainability Talent Management: The New Business Imperative. Strandberg Consulting, Apr. 2015.
    Talent Management for Small & Medium-Size Businesses. Success Factors. Accessed 25 June 2020.
    "Top 10 IT Challenges Facing Small Business in 2019." Your IT Department, 8 Jan. 2019.
    "Why You Need Workforce Planning." Workforce.com, 24 Oct. 2022.

    Extend Agile Practices Beyond IT

    • Buy Link or Shortcode: {j2store}175|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • Your organization has started to realize benefits from adopting Agile principles and practices. However, these advances are contained within your IT organization.
    • You are seeking to extend Agile development beyond IT into other areas of the organization. You are looking for a coordinated approach aligned to business priorities.

    Our Advice

    Critical Insight

    • Not all lessons from scaling Agile to IT are transferable. IT Agile scaling processes are tailored to IT’s scope, team, and tools, which may not account for diverse attributes within your organization.
    • Control may be necessary for coordination. With increased time-to-value, enforcing consistent cadences, reporting, and communication is a must if teams are not disciplined or lack good governance.
    • Extend Agile in departments tolerant to change. Incrementally roll out Agile in departments where its principles are accepted (e.g. a culture that embraces failures as lessons).

    Impact and Result

    • Complete an assessment of your prior efforts to scale Agile across IT to gauge successful, consistent adoption. Identify the business objectives and the group drivers that are motivating the extension of Agile to the business.
    • Understand the challenges that you may face when extending Agile to business partners. Investigate the root causes of existing issues that can derail your efforts.
    • Ideate solutions to your scaling challenges and envision a target state for your growing Agile environment. Your target state should realize new opportunities to drive more business value and eliminate current activities driving down productivity.
    • Coordinate the implementation and execution of your scaling Agile initiatives with an implementation action plan. This collaborative document will lay out the process, roles, goals, and objectives needed to successfully manage your Agile environment.

    Extend Agile Practices Beyond IT Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should extend Agile practices to improve product delivery, review Info-Tech’s methodology, and understand the ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess your readiness to scale agile vertically

    Assess your readiness to scale Agile vertically by identifying and mitigating potential Agile maturity gaps remaining after scaling Agile across your IT organization.

    • Extend Agile Practices Beyond IT – Phase 1: Assess Your Readiness to Scale Agile Vertically
    • Agile Maturity Assessment Tool

    2. Establish an enterprise scaled agile framework

    Complete an overview of various scaled Agile models to help you develop your own customized delivery framework.

    • Extend Agile Practices Beyond IT – Phase 2: Establish an Enterprise Scaled Agile Framework
    • Framework Selection Tool

    3. Create your implementation action plan

    Determine the effort and steps required to implement your extended delivery framework.

    • Extend Agile Practices Beyond IT – Phase 3: Create Your Implementation Action Plan
    [infographic]

    Workshop: Extend Agile Practices Beyond IT

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Assess Current State of Agile Maturity

    The Purpose

    Assess your readiness to scale Agile vertically.

    Identify and mitigate potential Agile maturity gaps remaining after scaling Agile across your IT organization.

    Key Benefits Achieved

    IT Agile maturity gaps identified and mitigated to ensure successful extension of Agile to the business

    Activities

    1.1 Characterize your Agile implementation using the CLAIM model.

    1.2 Assess the maturity of your Agile teams and organization.

    Outputs

    Maturity gaps identified with mitigation requirements

    2 Establish an Enterprise Scaled Agile Framework

    The Purpose

    Complete a review of scaled Agile models to help you develop your own customized delivery framework.

    Key Benefits Achieved

    A customized Agile delivery framework

    Activities

    2.1 Explore various scaled frameworks.

    2.2 Select an appropriate scaled framework for your enterprise.

    2.3 Define the future state of your team and the communication structure of your functional business group.

    Outputs

    Blended framework delivery model

    Identification of team and communication structure impacts resulting from the new framework

    3 Create Your Implementation Action Plan

    The Purpose

    Create your implementation action plan for the new Agile delivery framework.

    Key Benefits Achieved

    A clearly defined action plan

    Activities

    3.1 Define your value drivers.

    3.2 Brainstorm the initiatives that must be completed to achieve your target state.

    3.3 Estimate the effort of your Agile initiatives.

    3.4 Define your Agile implementation action plan.

    Outputs

    List of target state initiatives

    Estimation of effort to achieve target state

    An implementation action plan

    Leverage Agile Goal Setting for Improved Employee Engagement & Performance

    • Buy Link or Shortcode: {j2store}593|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Manage & Coach
    • Parent Category Link: /manage-coach
    • Managers are responsible for driving the best performance out of their staff while still developing individuals professionally.
    • Micromanaging tasks is an ineffective, inefficient way to get things done and keep employees engaged at the same time.
    • Both managers and employees view goal setting as a cumbersome process that never materializes in day-to-day work.
    • Without a consistent and agile goal-setting environment that pervades every day, managers risk low productivity and disengaged employees.

    Our Advice

    Critical Insight

    • Effective performance management occurs throughout the year, on a daily and weekly basis, not just at annual performance review time. Managers must embrace this reality and get into the habit of setting agile short-term goals to drive productivity.
    • Employee empowerment is one of the most significant contributors to employee engagement, which is a proven performance driver. Short-term goal setting, which is ultimately employee-owned, develops and nurtures a strong sense of employee empowerment.
    • Micromanaging employee tasks will get managers nowhere quickly. Putting in the effort to collaboratively define goals that benefit both the organization and the employee will pay off in the long run.
    • Goal setting should not be a cumbersome activity, but an agile, rolling habit that ensures employees are focused, supported, and given appropriate feedback to continue to drive performance.

    Impact and Result

    • Managers who have daily meetings to set goals are 17% more successful in terms of employee performance than managers who set goals annually.
    • Managers must be agile goal-setting role models, or risk over a third of their staff being confused about productivity expectations.
    • Managers that allow tracking of goals to be an inhibitor to goal setting are most likely to have a negative effect on employee performance success. In fact, tracking goals should not be a priority in the short-term.

    Leverage Agile Goal Setting for Improved Employee Engagement & Performance Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Learn the agile, short-term goal-setting process

    Implement agile goal setting with your team right away and drive performance.

    • Storyboard: Leverage Agile Goal Setting for Improved Employee Engagement & Performance
    [infographic]

    Take Advantage of Big Tech Layoffs

    • Buy Link or Shortcode: {j2store}573|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Attract & Select
    • Parent Category Link: /attract-and-select

    Tech layoffs have been making the news over the past year, with thousands of Big Tech employees having been laid off. After years of record low unemployment in IT, many leaders are looking to take advantage of these layoffs to fill their talent gaps.

    However, IT leaders need to determine their response – wait and see the impact of the recession on budgets and candidate expectations, or dive in and secure great talent to execute today on strategic needs. This research is designed to help those IT leaders who are looking to take advantage employee effective talents to secure talent.

    • With the impact of the economic slowdown still unknown, the first question IT leaders need to ask is whether now is the time to act.
    • Even with these layoffs, IT unemployment rates are at record lows, with many organizations continuing to struggle to attract talent. While these layoffs have opened a window, IT leaders need to act quickly to secure great talent.

    Our Advice

    Critical Insight

    The “where has the talent gone?” puzzle has been solved. Many tech firms over-hired and were able to outcompete everyone, but it wasn’t sustainable. This correction won’t impact unemployment numbers in the short term – the job force is just in flux right now.

    Impact and Result

    This research is designed to help IT leaders understand the talent market and to provide winning tactics to those looking to take advantage of the layoffs to fill their hiring needs.

    Take Advantage of Big Tech Layoffs Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Take Advantage of Big Tech Layoffs Storyboard – A snapshot of the current talent market in IT and quick tactics IT leaders can employ to improve their hiring process to find and attract tech talent.

    Straightforward tactics you can execute to successfully recruit IT staff impacted by layoffs.

    • Take Advantage of Big Tech Layoffs Storyboard

    2. IT Talent Acquisition Optimization Tool – Use this tool to document the current and future talent acquisition process.

    To hire efficiently, create a clear, consistent talent acquisition process. The IT Talent Acquisition Process Optimization Tool will help to:

  • Map out the current talent acquisition workflow
  • Identify areas of opportunity and potential gaps in the current process
    • IT Talent Acquisition Optimization Tool
    [infographic]

    Further reading

    Take Advantage of Big Tech Layoffs

    Simple tactics to secure the right talent in times of economic uncertainty.

    Why are the layoffs making the news?

    After three years of record low unemployment rates in IT and organizations struggling to hire IT talent into their organization, the window appears to be opening with tens of thousands layoffs from Big Tech employers.

    Big brand organizations such as Microsoft, Alphabet, Amazon, Twitter, Netflix, and Meta have been hitting major newswires, but these layoffs aren't exclusive to the big names. We've also seen smaller high-growth tech organizations following suit. In fact, in 2022, it's estimated that there were more than 160,997 layoffs across over 1,045 tech organizations. This trend has continued into 2023. By mid-February 2023, there were already 108,754 employees laid off at 385 tech companies (Layoffs.fyi).(1)

    While some of these layoffs have been openly connected to economic slowdown, others are pointing to the layoffs being a correction for over-hiring during the pandemic. It is also important to note that many of these workers were not IT employees, as these organizations also saw cuts across other areas of the business such as sales, marketing, recruitment, and operations.

    (1)This global database is constantly being updated, and these numbers are changing on an ongoing basis. For up-to-date statistics, see https://layoffs.fyi

    While tech layoffs have been making the news, so far many of these layoffs have been a correction to over-hiring, with most employees laid off finding work, if they want it, within three months.

    IT leaders need to determine their response – wait and see the impact of the recession on budgets and candidate expectations or dive in and secure great talent to execute today on strategic needs.

    This research is designed to help IT leaders understand the talent market and provide winning strategies to those looking to take advantage of the layoffs to fill their hiring needs.

    Three key drivers for Big Tech layoffs

    Economic uncertainty

    Globally, economists are predicting an economic slowdown, though there is not a consistent prediction on the impact. We have seen an increase in interest rates and inflation, as well as reduced investment budgets.

    Over-hiring during the pandemic

    High growth and demand for digital technologies and services during the early pandemic led to over-hiring in the tech industry. Many organizations overestimated the future demand and had to rebalance staffing as a result.

    New automation investments

    Many tech organizations that have conducted layoffs are still in a growth mindset. This is demonstrated though new tech investments by these companies in products like chatbots and RPA to semi-automate processes to reduce the need for certain roles.

    Despite layoffs, the labor market remains competitive

    There were at least 160,997 layoffs from more than 1,045 tech companies last year (2022). (Layoffs.fyi reported as of Feb 21/2023)

    But just because Big Tech is laying people off doesn't mean the IT job market has cooled.

    Between January and October 2022 technology- focused job postings rose 25% compared to the same period in 2021, and there were more than 375,000 tech jobs posted in October of 2022.
    (Dice: Tech Jobs Report.)

    Info-Tech Insight

    The "where has the talent gone?" puzzle has been solved. Many tech firms over-hired and were able to outcompete everyone, but it wasn't sustainable. This correction won't impact unemployment numbers in the short term – the job force is just in flux right now.

    So far, many of the layoffs have been a market correction

    Tech Layoffs Since COVID-19

    This is an image of a combo line graph plotting the number of tech layoffs from Q1 2020 to Q4 2022.

    Source: Layoffs.fyi - Tech Layoff Tracker and Startup Layoff Lists

    Tech Companies Layoffs vs. Early Pandemic Hiring # of People

    This is an image of a bar graph plotting Tech Companies Layoffs vs. Early Pandemic Hiring # of People

    Source: Yahoo Finance. Q4 '19 to Q3 '22

    Tech Layoffs between 2020 Q3- 2022 Q1 remained very low across the sector. In fact, outside of the initial increase at the start of the pandemic, layoffs have remained at historic low levels of around 1% (HBR, 2023). While the layoffs look significant in isolation, when you compare these numbers to pandemic hiring and growth for these organizations, the figures are relatively small.

    The first question IT leaders need to ask is whether now is the time to act

    The big gamble many CIOs face is whether to strike now to secure talent or to wait to better understand the impact of the recession. While two-thirds of IT professionals are still expecting their budgets to increase in 2023, CIOs must account for the impact of inflation and the recession on their IT budgets and staffing decisions (see Info-Tech's CEO-CIO Alignment Program).

    Ultimately, while unemployment is low today, it's common to see unemployment numbers drop right before a recession. If that is the case, then we will see more talent entering the market, possibly at more competitive salaries. But organizations that wait to hire risk not having the staff they need to execute on their strategy and finding themselves in a hiring freeze. CIOs need to decide on how to approach the economic uncertainty and where to place their bets.

    Looking ahead to 2023, how do you anticipate your IT spending will change compared to spending in 2022?

    This is an image of anticipated changes to IT spending compared to 2022 for the following categories: Decrease of more than 30%; Decrease between 16-30%; Decrease between 6-15%; Decrease between 1-5%; No Change; Increase between 1-5%; Increase between 6-15%; Increase between 16-30%; Increase of more than 30%

    Info-Tech's CEO-CIO Alignment Program

    Organizations ready to take advantage will need to act fast when layoffs happen

    Organizations looking to fill hiring needs or grow their IT/digital organization will need to be strategic and efficient when it comes to recruitment. Regardless of the number of layoffs, it continues to be an employee market when it comes to IT roles.

    While it is likely that the recession will impact unemployment rates, so far, the market remains hot, and the number of open roles continues to grow. This means that organizations that want to take advantage need to act quickly when news hits.

    Leaders not only need to compete with other organizations for talent, but the other challenge hiring organizations will need to compete with is that many in tech received generous severance packages and will be considering taking time off. To take advantage, leaders need to establish a plan and a clear employee value proposition to entice these highly skilled workers to get off the bench.

    Why you need to act fast:

    • Unemployment rates remain low:
      • Tech unemployment's rates in the US dropped to 1.5% in January 2023 (CompTIA), compared to overall unemployment which is at 3.4% in the US as of January 2023 (Yahoo Finance). While the layoffs look significant, we can see that many workers have been rehired into the labor market.
    • Long time-to-hire results in lost candidates:
      • According to Info-Tech's IT Talent Trend Report, 58% of IT leaders report time-to-hire is longer than two months. This timing increases for tech roles which require unique skills or higher seniority. IT leaders who can increase the timeline for their requirement process are much more likely to be able to take advantage of tech layoffs.

    IT must take a leading role in IT recruitment to take advantage of layoffs

    A personal connection is the differentiator when it comes to talent acquisition

    There is a statistically significant relationship between IT leadership involvement in talent acquisition and the effectiveness of this process in the IT department. The more involved they are, the higher the effectiveness.(1)

    More IT leadership involvement

    An image of two upward facing arrows. The left arrow is faded purple, and the right arrow is dark purple.

    Higher recruitment effectiveness

    Involved leaders see shorter times to hire

    There is a statistically significant relationship between IT leadership involvement in the talent acquisition process and time to fill vacant positions. The more involved they are, the shorter the time to hire.(2)

    Involved leaders are an integral part of effective IT departments

    There is a statistically significant relationship between IT leadership involvement in talent acquisition and overall IT department effectiveness. Those that are more involved have higher levels of effectiveness.(3)

    Increased IT Leadership in Recruitment Is Directly Correlated to Recruitment Effectiveness.

    This is an image of a combo bar graph plotting Overall Effectiveness for IT leadership involvement in recruitment.

    Focus your layoff recruitment strategy on critical and strategic roles

    If you are ready to take advantage of tech layoffs, focus hiring on critical and strategic roles, rather than your operational backfills. Roles related to security, cloud migration, data and analytics, and digital transformation are more likely to be shielded from budget cuts and are logical areas to focus on when looking to recruit from Big Tech organizations.

    Additionally, within the IT talent market, scarcity is focused in areas with specialized skill sets, such as security and architecture, which are dynamic and evolving faster than other skill sets. When looking to recruit in these areas, it's critical that you have a targeted recruitment approach; this is why tech layoffs represent a strong opportunity to secure talent in these specialized areas.

    ROLES DIFFICULT TO FILL

    An image of a bar graph plotting roles by difficulty to fill.

    Info-Tech Talent Trends 2022 Survey

    Four quick tactics to take advantage of Big Tech layoffs

    TALENT ACQUISITION PROCESS TO TAKE ADVANTAGE OF LAYOFFS

    This is an image of the talent acquisition process to take advantage of layoffs. It involves the following four steps: 1 Prepare organization and job ads for recruitment.  2 Actively track and scan for layoff activity.  3 Prioritize and screen candidates using salary benchmarks and keywords.  4 Eliminate all unnecessary hiring process steps.

    Guided Implementation

    What does a typical GI on this topic look like?

    Step 1 Step 2 Step 3 Step 4

    Call #1: Scope requirements, objectives, and your specific challenges.

    Call #2: IT job ad review.

    Call #4: Identify screening and sourcing opportunities.

    Call #5: Review your IT talent acquisition process.

    Call #3: Employee value proposition review.

    Call #7: Refine your talent acquisition process.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 8 to 12 calls over the course of 4 to 6 months.

    Tactics to take advantage of tech layoffs

    Activities

    1.1 Spot check your employee value proposition
    1.2 Update job advertisements
    1.3 Document your talent acquisition process
    1.4 Refine your talent acquisition process

    This step involves the following participants:

    • IT executive leadership
    • IT hiring manager
    • Human resources
    • Marketing/public relations

    Outcomes of this step

    Streamlined talent acquisition process tailored to take advantage of tech layoffs.

    This is an image of the talent acquisition process to take advantage of layoffs. It involves the following fo steps: 1 Prepare organization and job ads for recrtment.  2 Actively track and scan for layoff aivity.  3 Prioritize and screen candidates using salary benchmarks and kwords.  4 Eliminate all unnecessary hiring process steps.

    Requisition: update job ads and secure approval to hire

    Critical steps:

    1. Ensure you have secured budget and hiring approval.
    2. Identify an IT recruitment partner within the IT organization who will be accountable for working with HR throughout the process and who will actively track and scan for recruitment opportunities.
    3. Update your IT job descriptions.
    4. Spot check your employee value proposition (EVP) to appeal to targeted candidates (Exercise 1.1).
    5. Write employee job ads for relevant skills and minimum viable experience (Exercise 1.2).
    6. Work with HR to develop your candidate outreach messages – ensure that your outreach is empathetic, aligns with your EVP, and focuses on welcoming them to apply to a role.

    The approval process to activate a requisition can be one of the longest stages in the talent acquisition process. Ensure all your roles are up to date and approved so you can trigger outreach as soon as news hits; otherwise, you'll be late before you've even begun.

    Your employee value proposition (EVP) is a key tool for attracting and retaining talent

    Any updates to your EVP need to be a genuine reflection of the employee experience at your organization – and should resonate internally and externally.

    Internal (retention) perspective: These characteristics help to retain new and existing talent by ensuring that new hires' expectations are met and that the EVP is experienced throughout the organization.

    External (attraction) perspective: These characteristics help to attract talent and are targeted so the right candidates are motivated to join, while those who aren't a good fit will self-select out.

    McLean & Company's Employee Value Proposition Framework

    This is an image of McLean & Company's Employee Value Proposition Framework.  It is divided into Retain and Attract.  under Retain, are the following three headings: Aligned; Accurate; Aspirational.  Under Attract are: Compelling; Clear; Comprehensive.

    Source: McLean & Company

    1.1 Spot check your EVP

    1-3 hours

    1. Review your existing IT employee value proposition. If you do not have an EVP, see Info-Tech's comprehensive research Improve the IT Recruitment Process to draft a new EVP.
    2. Invite a representative group of employees to participate in a working group to improve your employee value proposition. Ask each participant to brainstorm the top five things they value most about working at the organization.
    3. Consider the following categories: work environment, career advancement, benefits, and ESG and diversity impact. Brainstorm as a group if there is anything unique your organization offers with regard to these categories.
    4. Compare your notes to your existing EVP, identify up to four key statements to focus on for the EVP, ensuring that your EVP speaks to at least one of the categories above. Remove any statements that no longer speak to who you are as an organization or what you offer.

    Input

    • Existing employee value proposition
    • Employee Engagement Surveys (If Available)

    Output

    • Updated employee value proposition

    Materials

    • Whiteboard/flip charts
    • Job ad template

    Participants

    • Representative group of internal employees.
    • HR
    • Marketing/PR (if possible)

    Four critical factors considered by today's job seeker

    1. Be specific about remote work policies: Include verbiage about whether there is an option to work hybrid or remote. 81% of job seekers stated that whether a job is remote, hybrid, or in-person was a top factor in whether they'd accept an offer (Benefits Canada, 2022).
    2. Career advancement and stability: "37% of Gen Z employees and 25% of millennial employees are currently looking for a job that offers career progression transparency — or, in other words, a job with clear opportunities for growth. This is significantly higher than our findings for older generations Gen X (18%) and baby boomers (7%)," (Lattice, 2021).
    3. Unique benefits: Consider your unique benefits – it's not the Big Tech "fun perks" like slides and ping pong that drive interest. Employees are increasingly looking for roles with long-term benefits programs. 90% of job seekers consider higher pension contributions to be a key factor, and 85% are considering bonuses/profit sharing" (Benefits Canada, 2022). Candidates may accept lower total compensation in exchange for flexibility, culture, work/life balance that was lacking in the start-up scene or the mega-vendors' fast-paced world.
    4. ESG and diversity impact: Include details of how the candidate will make a societal impact through their role, and how the company is acting on climate and sustainability. "Nearly two in five [Gen Z's and millennials] say they have rejected a job or assignment because it did not align with their values," (Deloitte Global, 2022).

    Update or establish job ads for candidate outreach

    Take the time up front to update your IT job descriptions and to write effective job advertisements. A job advertisement is an external-facing document that advertises a position with the intent of attracting job applicants. It contains key elements from the job description as well as information on the organization and its EVP. A job description informs a job ad, it doesn't replace it.
    When updating job descriptions and job ads, it's critical that your requirements are an accurate representation of what you need in the position. For the job ads especially, focus on the minimum requirements for the role, highlight your employee value proposition, and ensure that they are using inclusive language.
    Don't be lulled into using a job description as a posting when there's a time crunch to fill a position – use your preparation time to complete this key step.

    Three tips to consider when building a job ad

    Include the minimum desired requirements

    Include the required skills, responsibilities, and certifications required. Instead of looking for a unicorn, look for what you need and a demonstrated ability to learn. 70% of business executives say they are getting creative about sourcing for skills rather than just considering job experience (Deloitte Insights, 2022).

    Strategically include certifications

    When including certifications, ensure you have validated the process to be certified – i.e. if you are hiring for a role with 3-5 years' experience, ensure that the certification does not take 5-10 years of experience be eligible.

    Use inclusive language

    Consider having a review group within your IT organization to ensure the language is inclusive, that the responsibilities don't read as overly complex, and that it is an accurate representation of the organization's culture.

    1.2 Update or build job ads

    1-3 hours

    1. Begin with a copy of the job ad you are looking to fill, if you haven't begun to draft the role, start with Info-Tech's Job Description Library and Info-Tech's Job Ad Template.
    2. Review the job accountabilities, rank each responsibility based on its importance and volume of work. Determine if there are any responsibilities that are uncommon to be executed by the role and remove unnecessary responsibilities.
    3. For each of the job accountabilities, identify if there is a level of experience, knowledge or competency that would be the minimum bar for a candidate. Remove technical skills, specific technologies, and competencies that aren't directly relevant to the role, responsibilities or values.
    4. Review the education and requirements, and ensure that any certification or educational background is truly needed or suggested.
    5. Use the checklist on the following tab to review and update your job ad.

    Input

    • Job description
    • Employee value proposition
    • Job ad template

    Output

    • Completed job ad

    Materials

    • Whiteboard/flip charts
    • Web share

    Participants

    • Representative group of internal employees.
    • HR
    • Marketing/PR (if possible)

    1.2 Job ad checklist:

    A job ad needs to be two things: effective and inclusive.

    Effective

    The job ad does include:

    The organization's logo.
    Description of the organization.
    Information about benefits.
    A link to the organization's website and social media platforms.
    Steps in the application process and what candidates can expect.

    The job ad:

    Paints an accurate picture of key aspects of the role.
    Tells a story to show potential candidates how the role and organization will fit into their career path (outlines potential career paths, growth opportunities, training, etc.).
    Does not contain too many details and tasks that would overwhelm applicants.
    Highlights the employer brand in a manner that conveys the EVP and markets the organization to attract potential applicants.
    Includes creative design or formatting to make the ad stand out.
    The job ad speaks to the audience by using targeted language (e.g. using creative language when recruiting for a creative role).
    The job ad has been reviewed by HR, Marketing, PR.

    Inclusive

    The job ad does NOT include:

    Industry jargon or abbreviations that are not spelled out.
    Personality characteristics and unnecessary adjectives that would deter qualified candidates (e.g. extroverted, aggressive, competitive).
    A list of specific academic disciplines or schools, GPA requirements, or inflated degree requirements.

    The job ad:

    Uses gender-neutral language and does not contain terms that indicate traits that are typically associated with a specific gender.
    Can be viewed and applications can be completed on mobile devices.
    Focuses on results, day-to-day requirements, competencies, and transferrable skills.
    Includes design that is accessible (e.g. alternative text is provided for images, clear posting structure with headings, color is not used to convey information).

    Sourcing: Set up news trackers and review layoff source lists

    • Set up news and social media trackers to track layoff updates, and ensure you have an IT staff member on standby to complete a more detailed opportunity analysis when layoffs happen.
    • Use layoff source lists such as Layoffs.fyi to actively track organizations that have laid people off, noting the industry, location, and numbers in order to identify potential candidates. Limit your future analysis to locations that would be geographically possible to hire from.
    • Review open-source lists of laid-off employees to quickly identify potential candidates for your organization.
    • Many organizations that have completed layoffs have established outplacement programs to help laid-off staff find new roles. Set a plan in motion with HR to reach out to organizations once a layoff has occurred to understand their layoff support program.

    The key to successful sourcing is for IT to take an active role in identifying which organizations impacted by layoffs would be a good fit, and to quickly respond by searching open-source lists and LinkedIn to reach out potential candidates.

    Consider leveraging open-source lists

    Layoffs.fyi has been tracking and reporting on layoffs since the start of COVID-19. While they are not an official source of information, the site has more than a million views per month and is a strong starting point for IT leaders looking to source candidates from tech layoffs beyond the big organizations that are making the news.

    The site offers a view of companies with layoffs by location, industry, and the source of the info. Additionally, it often lists the names and contact information of laid-off employees, which you can leverage to start your deeper LinkedIn outreach or candidate screening.

    This is an image of two screenshots of open source lists from Layoffs.fyi

    Screenshots from Layoffs.fyi.

    Screening: Prioritize by considering salary benchmarks and keywords

    • Determine a set of consistent pre-screening questions to leverage while screening candidates, which every candidate must answer, including knockout questions.
    • Prioritize by going for salary ranges you can afford: It is important to be aware of what companies are paying within the tech arena, so you know if your salary bands are within a competitive range.
    • Pre-screen resumes using appropriate keywords that are critical for the role, and widen the terms if you do not have enough candidates. Given the pool you are looking to recruit from, consider removing criteria specifically related to education or certifications; instead, prioritize skills and on-the-job experience.

    Screening is one of the most time-consuming stages of the TA process. For each open position, it can take 23 hours to screen resumes (Toolbox, 2021). In fact, 52% of TA leaders believe that screening candidates from a large pool of applicants is the hardest part of recruitment (Ideal, 2021).

    Compensation comparison reports

    Keep in mind that the market may be shifting rapidly as layoffs proliferate, so what the data shows, particularly on free-to-use sites with little data-checking, may not be current and may be overstated. Info-Tech does not provide salary analysis; however, there are publicly available reports and online websites with self-reported data.

    This list contains several market data sources for the tech industry, which may be a good starting point for comparison. Info-Tech is not affiliated with or endorsing any of these market data sources.

    Aon Global Cyber Security Compensation and Talent Survey
    Aon – Radford Surveys Radford Global Technology Survey
    Culpepper Comprehensive Compensation Survey Solution for Technology-Focused Companies
    Modis 2022 IT Compensation Guide
    Motion Recruitment 2023 Tech Salary Guide
    Mondo 2022 Salary Guide for roles & jobs across the technology, creative & digital marketing industries.
    Willis Towers Watson Willis Towers Watson Data Services - Artificial Intelligence and Digital Talent
    Willis Towers Watson 2022 Artificial Intelligence and Digital Talent Survey Report - Canada
    Willis Towers Watson 2022 Artificial Intelligence and Digital Talent Survey Report - U.S.
    Michael Page Salary Guide 2022 for the Greater Toronto Area Technology Industry
    Willis Towers Watson Willis Towers Watson Data Services - Tech, Media, and Gaming
    Willis Towers Watson 2022 Tech, Media and Gaming Executive Survey Report - Canada
    Willis Towers Watson 2022 Tech, Media and Gaming Middle Management, Professional and Support Survey Report - Canada
    Willis Towers Watson 2022 Tech, Media and Gaming Executive Survey Report - U.S.
    Willis Towers Watson 2022 Tech, Media and Gaming Middle Management, Professional and Support Survey Report - U.S.

    Work with your HR partner to streamline your talent acquisition process

    A slow talent acquisition process presents multiple risks to your ability to recruit. Candidates are likely having multiple hiring conversations, and you could lose a good candidate just by being slower than another organization. Additionally, long hiring processes are also an indicator of a high level of bureaucracy in an organization, which may turn off tech candidates who are used to faster-paced decision making.

    Reducing your time-to-hire needs to be a strategic priority, and companies that manage to do this are reaping the benefits: There is a statistically significant relationship between time to fill vacant positions and overall IT department effectiveness. The shorter the time to fill a position, the higher the effectiveness (Bika, 2019).

    Key Considerations for Optimizing your Talent Acquisition Process

    Key Considerations for Optimizing your Talent Acquisition Process

    Review the end-to-end experience

    50%

    of job seekers surveyed had "declined a job offer due to poor [candidate] experience," (Echevarria, 2020).

    Reduce the time to hire

    55%

    "of candidates believe that it should take one to two weeks from the first interview to being offered the job," (Duszyński, 2021).

    Be clear on Timelines

    83%

    "of candidates say it would greatly improve the overall experience if employers provided a clear timeline of the hiring process," (Miller, n.d.).

    Time to hire: Identify solutions to drive efficient hiring

    1. Document all steps between screening and hiring and remove any unnecessary steps.
    2. Create clearly defined interview guides to ensure consistent questioning by interviewers.
    3. Enable hiring managers to schedule their own interviews.
    4. Determine who needs to approve an offer. Streamline the number of approvals, if possible.
    5. Eliminate unnecessary background checks. Many companies have eliminated reference checks, for example, after determining that it was it was not adding value to their decision.
    6. Identify and track key metrics across your talent acquisition process.

    It is critical to partner with your HR department on optimizing this process, as they are typically the process owners and will have deep knowledge of the rationale for decisions. Together, you can identify some opportunities to streamline the process and improve the time to hire.

    4.1 Document your TA process

    1-3 hours

    1. If you have a documented talent acquisition process, begin with that; if not, open the IT Talent Acquisition Process Optimization Tool and map the stages of the talent acquisition process with your HR leader. Stages are the top level in the process (e.g. requisition, sourcing, screening).
    2. Identify all the stakeholders involved in IT talent acquisition and document these in the tool.
    3. Next, identify the steps required for each stage. These are more detailed actions that together will complete the stage (e.g. enter requisition into ATS, intake meeting). Ask subject matter experts to add steps to their portion of the process and document these in the cells.
    4. For each step in the stage, record the time required and the number of people who are involved.

    Input

    • Existing talent acquisition (TA) process document
    • Any TA process metrics
    • Info-Tech's Talent Acquisition Process Optimization Tool

    Output

    • Documented TA process

    Materials

    • Info-Tech's Talent Acquisition Process Optimization Tool
    • Whiteboard/flip charts
    • Sticky notes

    Participants

    • HR
    • IT leaders
    • Hiring manager

    Download the IT Talent Acquisition Process Optimization Tool

    Example of steps in each stage of the TA process

    Activities

    Requisition

    Source

    Screen

    Interview & Assess

    Offer

    Background Check

    Vacancy identified Posted on website Resumes screened in system Interviews scheduled Offer letter drafted Reference checks conducted
    Requisition submitted Posted on job boards Resume screened by recruited First round interviews Offer letter sent Medical checks conducted
    Requisition approved Identification of layoff sources Resumed reviewed by hiring manager Assessment Negotiations Other background checks conducted
    Job description updated Review layoff source lists Screening calls Second round interview First date confirmed
    Job ad updated Screening questions developed Candidates selected
    Intake meeting

    4.2 Refine your TA process

    1-3 hours

    1. Collectively identify any:
      1. Inconsistent applications: Activities that are done differently by different participants.
      2. Bottlenecks: A place in the process where activity is constrained and holds up next steps.
      3. Errors: When a mistake occurs requiring extra time, resources, or rework.
      4. Lack of value: An activity that adds little to no value (often a legacy activity).
    2. Work with HR to identify any proposed solutions to improve consistency, reduce bottlenecks, errors, or eliminate steps that lack value. Document your proposed solutions in tab 3 of the IT Talent Acquisition Optimization Tool.
    3. Identify any new steps needed that would drive greater efficiency, including the tactics suggested in this research. Document any proposed solutions in tab 3.
    4. For each proposed solution, evaluate the general level of effort and impact required to move forward with that solution and select the appropriate classification from the drop-down.
    5. Determine if you will move forward with the proposed solution at this time. Update the TA workflow with your decisions.

    Input

    • Existing talent acquisition (TA) process document
    • Any TA process metrics
    • Info-Tech's Talent Acquisition Process Optimization Tool

    Output

    • Documented TA process

    Materials

    • Info-Tech's Talent Acquisition Process Optimization Tool
    • Whiteboard/flip charts
    • Sticky notes

    Participants

    • HR
    • IT leaders
    • Hiring manager

    Use Info-Tech's IT Talent Acquisition Optimization Tool to document current challenges & target solutions.

    Map your process and identify opportunities to streamline

    This is an image of the talent aquisitions workflow page from Info-Tech's Map your process and identify opportunities to streamline

    Brainstorm and select solutions to improve your process

    This is an image of the Effort Analysis page from Info-Tech's Brainstorm and select solutions to improve your process

    Key considerations when optimizing your process

    • Put yourself in each stakeholder's shoes (candidate, HR, hiring manager). Think through what they need from the process.
    • Challenge assumptions and norms. It can be tempting to get caught up in "how we do it today." Think beyond how it is today.
    • Question timing of activities and events. Identify if they are occurring when they need to.
    • Rebalance work to align with priorities. Identify if work can be redistributed or condensed to use time more efficiently.
    • Distinguish when consistency will add value and when there should be process flexibility.
    • Question the value. For each activity, ask "What value does this activity add?"

    Select metrics to measure Talent Acquisition process improvement

    METRICS INFORMATION
    Metric Definition Calculation
    Average applicants per posting The average number of applicants received per post. Number of applications / Number of postings
    Average number of interviews for open job positions Average number of interviews for open job positions. Total number of interviews / Total number of open job positions
    Average external time to fill Average number of calendar days from when the requisition is issued to when a candidate accepts the position from outside the organization. External days to fill / External candidates
    Pipeline throughput Percentage of candidates advancing through to the next stage. (Number of candidates in chosen stage / Number of candidates in preceding stage) * 100
    External offer acceptance rate Percentage of job offers extended to external candidates that were accepted. (Number of job offers that are accepted / Number of job offers extended) * 100
    Percentage of target group hired The percentage of a target group that was hired. Number of FTE hired / Target number of FTE to be hired
    Average time to hire Average number of calendar days between first contact with the candidate and when they accept the offer. Sum of number of days between first contact and offer acceptance / External candidates
    Quality of hire Percentage of new hires achieving a satisfactory appraisal at their first assessment. New hires who achieve a satisfactory rating at their first appraisal / Total number of new hires
    Vacancy rate Percentage of positions being actively recruited for at the end of the reporting period. Count of vacant positions / (Headcount + Vacant positions)

    Bibliography

    "81% of Employees Factoring Hybrid Work Into Job Search: Survey." BenefitsCanada.com, 16 June 2022.
    Andre, Louie. "40 Notable Candidate Experience Statistics: 2023 Job Application Trends & Challenges." Financesonline.Com, 15 Mar. 2023.
    Bika, Nikoletta. "Key Hiring Metrics: Useful Benchmarks for Tech Roles." Recruiting Resources: How to Recruit and Hire Better, 10 Jan. 2019.
    "Bureau of Labor Statistics Labor Market Revisions Contribute to Conflicting Signals in Latest Tech Employment Data, CompTIA Analysis Finds." CompTIA, 3 Feb. 2023. Press release.
    Byrnes, Amy. "ICIMS Insights Workforce Report: Time to Press the Reset Button?" ICIMS | The Leading Cloud Recruiting Software, 1 Dec. 2022.
    Cantrell, Sue, et al. "The Skills-Based Organization: A New Operating Model for Work and the Workforce." Deloitte Insights, 8 Sept. 2022.
    deBara, Deanna. "Top Findings from Lattice's Career Progression Survey." Lattice, 13 Sept. 2021. Accessed 16 Feb. 2023.
    Duszyński, Maciej. "Candidate Experience Statistics (Survey of 1,000+ Americans)." Zety, 14 Oct. 2019.
    Duszyński, Maciej. "Candidate Experience Statistics." Zety, 2021.
    Echevarria, Desiree. "2020 Candidate Experience Report." Career Plug, 17 Mar. 2021.
    Ghosh, Prarthana. "Candidate Screening and Selection Process: The Complete Guide for 2021." Spiceworks, 26 Feb. 2021. Accessed 22 Jun. 2021
    "Introduction - Dice Tech Job Report: Tech Hiring Trends by Location, Industry, Role and Skill." Accessed 16 Feb. 2023.
    Lee, Roger. "Tech Layoff Tracker and Startup Layoff Lists." Layoffs.fyi. Accessed 16 Feb. 2023.
    Miller, Kandace. "Candidate Experience And Engagement Metrics You Should Be Tracking." ConveyIQ, n.d. Accessed 16 Feb. 2023.
    Min, Ji-A. "Resume Screening: A How-To Guide for Recruiters." Ideal, 15 Mar. 2021. Web.
    Palmeri, Shelby. "2023 Candidate Experience Research: Strategies for Recruiting." CareerPlug, 6 Feb. 2023.
    Semenova, Alexandra. "Jobs Report: U.S. Economy Adds 517,000 Jobs in January, Unemployment Rate Falls to 3.4% as Labor Market Stuns." Yahoo!Finance, 3 Feb. 2023.
    Sozzi, Brian. "Big Tech Layoffs: What Companies Such as Amazon and Meta Have in Common." Yahoo!News, 6 Feb. 2023.
    Tarki, Atta. "Despite Layoffs, It's Still a Workers' Labor Market." Harvard Business Review, 30 Jan. 2023.
    The Deloitte Global 2022 Gen Z and Millennial Survey. Deloitte Global, 2022. Accessed 16 Feb. 2023.
    "Uncover the Employee Value Proposition." McLean & Company, 21 Jun. 2022. Accessed 22 Feb. 2023.

    Build, Optimize, and Present a Risk-Based Security Budget

    • Buy Link or Shortcode: {j2store}371|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Security Strategy & Budgeting
    • Parent Category Link: /security-strategy-and-budgeting
    • Year after year, CISOs need to develop a comprehensive security budget that is able to mitigate against threats.
    • This budget will have to be defended against many other stakeholders to ensure there is proper funding.
    • Security budgets are unlike other departmental budgets. Increases or decreases in the budget can drastically affect the organizational risk level.
    • CISOs struggle with the ability to assess the effectiveness of their security controls and where to allocate money.

    Our Advice

    Critical Insight

    • CISOs can demonstrate the value of security when they correlate mitigations to business operations and attribute future budgetary needs to business evolution.
    • To identify the critical areas and issues that must be reflected in your security budget, develop a comprehensive corporate risk analysis and mitigation effectiveness model, which will illustrate where the moving targets are in your security posture.

    Impact and Result

    • Info-Tech’s methodology moves you away from the traditional budgeting approach to building a budget that is designed to be as dynamic as the business growth model.
    • Collect your organization's requirements and build different budget options to describe how increases and decreases can affect the risk level.
    • Discuss the different budgets with the business to determine what level of funding is needed for the desired level of security.
    • Gain approval of your budget early by preshopping and presenting the budget to individual stakeholders prior to the final budget approval process.

    Build, Optimize, and Present a Risk-Based Security Budget Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should build, optimize, and present a risk-based security budget, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Review requirements for the budget

    Collect and review the required information for your security budget.

    • Build, Optimize, and Present a Risk-Based Security Budget – Phase 1: Review Requirements for the Budget

    2. Build the budget

    Take your requirements and build a risk-based security budget.

    • Build, Optimize, and Present a Risk-Based Security Budget – Phase 2: Build the Budget
    • Security Budgeting Tool

    3. Present the budget

    Gain approval from business stakeholders by presenting the budget.

    • Build, Optimize, and Present a Risk-Based Security Budget – Phase 3: Present the Budget
    • Preshopping Security Budget Presentation Template
    • Final Security Budget Presentation Template
    [infographic]

    Workshop: Build, Optimize, and Present a Risk-Based Security Budget

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Review Requirements for the Budget

    The Purpose

    Understand your organization’s security requirements.

    Collect and review the requirements.

    Key Benefits Achieved

    Requirements are gathered and understood, and they will provide priorities for the security budget.

    Activities

    1.1 Define the scope and boundaries of the security budget.

    1.2 Review the security strategy.

    1.3 Review other requirements as needed, such as the mitigation effectiveness assessment or risk tolerance level.

    Outputs

    Defined scope and boundaries of the security budget

    2 Build the Budget

    The Purpose

    Map business capabilities to security controls.

    Create a budget that represents how risk can affect the organization.

    Key Benefits Achieved

    Finalized security budget that presents three different options to account for risk and mitigations.

    Activities

    2.1 Identify major business capabilities.

    2.2 Map capabilities to IT systems and security controls.

    2.3 Categorize security controls by bare minimum, standard practice, and ideal.

    2.4 Input all security controls.

    2.5 Input all other expenses related to security.

    2.6 Review the different budget options.

    2.7 Optimize the budget through defense-in-depth options.

    2.8 Finalize the budget.

    Outputs

    Identified major business capabilities, mapped to the IT systems and controls

    Completed security budget providing three different options based on risk associated

    Optimized security budget

    3 Present the Budget

    The Purpose

    Prepare a presentation to speak with stakeholders early and build support prior to budget approvals.

    Present a pilot presentation and incorporate any feedback.

    Prepare for the final budget presentation.

    Key Benefits Achieved

    Final presentations in which to present the completed budget and gain stakeholder feedback.

    Activities

    3.1 Begin developing a communication strategy.

    3.2 Build the preshopping report.

    3.3 Practice the presentation.

    3.4 Conduct preshopping discussions with stakeholders.

    3.5 Collect initial feedback and incorporate into the budget.

    3.6 Prepare for the final budget presentation.

    Outputs

    Preshopping Report

    Final Budget Presentation

    Select the Optimal Disaster Recovery Deployment Model

    • Buy Link or Shortcode: {j2store}413|cart{/j2store}
    • member rating overall impact (scale of 10): 8.8/10 Overall Impact
    • member rating average dollars saved: $10,247 Average $ Saved
    • member rating average days saved: 11 Average Days Saved
    • Parent Category Name: DR and Business Continuity
    • Parent Category Link: /business-continuity
    • DR deployment has many possibilities. It becomes overwhelming and difficult to sift through all of the options and understand what makes sense for your organization.
    • The combination of high switching costs and the pressure to move applications to cloud leaves managers overwhelmed and complacent with their current DR model.

    Our Advice

    Critical Insight

    1. Cut to the chase and evaluate the feasibility of cloud first. Gauge your organization’s current capabilities for DR in the cloud before becoming infatuated with the idea.
    2. A mixed model gives you the best of both worlds. Diversify your strategy by identifying fit for purpose and balancing the work required to maintain various models.
    3. Begin with the end in mind. Commit to mastering the selected model and leverage your vendor relationship for effective DR.

    Impact and Result

    • By efficiently eliminating models that are not suited for your organization and narrowing the scope of DR deployment possibilities, you spend more time focusing on what works rather than what doesn’t.
    • Taking a funneled approach ensures that you are not wasting time evaluating application-level considerations when organizational constraints prevent you from moving forward.
    • Comparing the total cost of ownership among candidate models helps demonstrate to the business the reason behind choosing one method over another.

    Select the Optimal Disaster Recovery Deployment Model Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should build the optimal DR deployment model, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Target the relevant DR options for your organization

    Complete Phase 1 to outline your DR site requirements, review any industry or organizational constraints on your DR strategy, and zero in on relevant DR models.

    • Select the Optimal Disaster Recovery Deployment Model – Phase 1: Target Relevant DR Options for Your Organization
    • DR Decision Tree (Visio)
    • DR Decision Tree (PDF)
    • Application Assessment Tool for Cloud DR

    2. Conduct a comprehensive analysis and vet the DR vendors

    Complete Phase 2 to explore possibilities of deployment models, conduct a TCO comparison analysis, and select the best-fit model.

    • Select the Optimal Disaster Recovery Deployment Model – Phase 2: Conduct a Comprehensive Analysis and Vet the DR Vendors
    • DR Solution TCO Comparison Tool

    3. Make the case and plan your transition

    Complete Phase 3 to assess outsourcing best practices, address implementation considerations, and build an executive presentation for business stakeholders.

    • Select the Optimal Disaster Recovery Deployment Model – Phase 3: Make the Case and Plan Your Transition
    • DR Solution Executive Presentation Template
    [infographic]

    Workshop: Select the Optimal Disaster Recovery Deployment Model

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Target Relevant DR Options for Your Organization

    The Purpose

    Identify potential DR models

    Key Benefits Achieved

    Take a funneled approach and avoid getting lost among all of the DR models available

    Activities

    1.1 Define DR site requirements

    1.2 Document industry and organizational constraints

    1.3 Identify potential DR models

    Outputs

    Determine the type of site, replication, and risk mitigation initiatives required

    Rule out unfit models

    DR Decision Tree

    Application Assessment Tool for Cloud DR

    2 Conduct a Comprehensive Analysis of Appropriate Models

    The Purpose

    Explore relevant DR models

    Key Benefits Achieved

    Develop supporting evidence for the various options

    Activities

    2.1 Explore pros and cons of potential solutions

    2.2 Understand the use case for DRaaS

    2.3 Review DR model diagrams

    Outputs

    Qualitative analysis on candidate models

    Evaluate the need for DRaaS

    DR diagrams for candidate models

    3 Build the DR Solution TCO Comparison Tool

    The Purpose

    Determine best cost models

    Key Benefits Achieved

    Save money by selecting the most cost effective option to meet your DR requirements

    Activities

    3.1 Gather hardware requirements for production site

    3.2 Define capacity requirements for DR

    3.3 Compare cost across various models

    Outputs

    Populate the production summary tab in TCO tool

    Understand how much hardware will need to be on standby and how much will be procured at the time of disaster

    Find the most cost effective method

    4 Make the Case and Plan Your Transition

    The Purpose

    Build support from business stakeholders by having a clear and defendable proposal for DR

    Key Benefits Achieved

    Effective and ready DR deployment model

    Activities

    4.1 Address implementation considerations for network, capacity, and day-to-day operations

    4.2 Build presentation for business stakeholders

    Outputs

    Define implementation projects necessary for deployment and appoint staff to execute them

    PowerPoint presentation to summarize findings from the course of the project

    Identify and Manage Strategic Risk Impacts on Your Organization

    • Buy Link or Shortcode: {j2store}219|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management

    Moreso than any other time, our world is changing. As a result, organizations – and their vendors – need to be able to adapt their strategic plans to accommodate risk on an unprecedented level.

    A new global change will impact your organizational strategy at any given time. So, make sure your plans are flexible enough to manage the inevitable consequences.

    Our Advice

    Critical Insight

    • Identifying and managing a vendor’s potential strategic impact on your organization requires multiple people in the organization across several functions. Those people all need coaching on the potential changes in the market and how these changes affect strategic plans.
    • Organizational leadership is often taken unaware during crises, and their plans lack the flexibility needed to adjust to significant market upheavals.

    Impact and Result

    • Vendor management practices educate organizations on the different potential risks to vendors in your market and suggest creative and alternative ways to avoid and help manage them.
    • Prioritize and classify your vendors with quantifiable, standardized rankings.
    • Prioritize focus on your high-risk vendors.
    • Standardize your processes for identifying and monitoring vendor risks to manage potential impacts on your strategic plan with our Strategic Risk Impact Tool.

    Identify and Manage Strategic Risk Impacts on Your Organization Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify and Manage Strategic Risk Impacts to Your Organization Deck – Use the research to better understand the negative impacts of vendor actions on your strategic plans.

    Use this research to identify and quantify the potential strategic impacts caused by vendors. Use Info-Tech’s approach to look at the strategic impact from various perspectives to better prepare for issues that may arise.

    • Identify and Manage Strategic Risk Impacts on Your Organization Storyboard

    2. What If Vendor Strategic Impact Tool – Use this tool to help identify and quantify the strategic impacts of negative vendor actions

    By playing the “what if” game and asking probing questions to draw out – or eliminate – possible negative outcomes, everyone involved adds their insight into parts of the organization to gather a comprehensive picture of potential impacts.

    • Strategic Risk Impact Tool
    [infographic]

    Further reading

    Identify and Manage Strategic Risk Impacts on Your Organization

    The world is in a perpetual state of change. Organizations need to build adaptive resiliency into their strategic plans to adjust to ever-changing market dynamics.

    Analyst perspective

    Organizations need to build flexible resiliency into their strategic plans to be able to adjust to ever-changing market dynamics.

    This is a picture of Frank Sewell, Research Director, Vendor Management at Info-Tech Research Group

    Like most people, organizations are poor at assessing the likelihood of risk. If the past few years have taught us anything, it is that the probability of a risk occurring is far more flexible in the formula Risk = Likelihood * Impact than we ever thought possible. The impacts of these risks have been catastrophic, and organizations need to be more adaptive in managing them to strengthen their strategic plans.

    Frank Sewell,
    Research Director, Vendor Management
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Moreso than any other time, our world is changing. As a result, organizations – and their vendors – need to be able to adapt their strategic plans to accommodate risk on an unprecedented level.

    A new global change will impact your organizational strategy at any given time. So, make sure your plans are flexible enough to manage the inevitable consequences.

    Common Obstacles

    Identifying and managing a vendor’s potential strategic impact on your organization requires multiple people in the organization across several functions. Those people all need coaching on the potential changes in the market and how these changes affect strategic plans.

    Organizational leadership is often taken unaware during crises, and their plans lack the flexibility needed to adjust to significant market upheavals.

    Info-Tech’s Approach

    Vendor management practices educate organizations on the different potential risks to vendors in your market and suggest creative and alternative ways to avoid and help manage them.

    Prioritize and classify your vendors with quantifiable, standardized rankings.

    Prioritize focus on your high-risk vendors.

    Standardize your processes for identifying and monitoring vendor risks to manage potential impacts on your strategic plan with our Strategic Impacts Tool.

    Info-Tech Insight

    Organizations must evolve their strategic risk assessments to be more adaptive to respond to global changes in the market. Ongoing monitoring of the market and the vendors tied to company strategies is imperative to achieving success.

    Info-Tech’s multi-blueprint series on vendor risk assessment

    There are many individual components of vendor risk beyond cybersecurity.

    This image depicts a cube divided into six different coloured sections. The sections are labeled: Financial; Reputational; Operational; Strategic; Security; Regulatory & Compliance.

    This series will focus on the individual components of vendor risk and how vendor management practices can facilitate organizations’ understanding of those risks.

    Out of Scope:

    This series will not tackle risk governance, determining overall risk tolerance and appetite, or quantifying inherent risk.

    Strategic risk impacts

    Potential losses to the organization due to risks to the strategic plan

    • In this blueprint, we’ll explore strategic risks (risks to the Strategic Plans of the organization) and their impacts.
    • Identify potentially disruptive events to assess the overall impact on organizations and implement adaptive measures to correct strategic plans.
    This image depicts a cube divided into six different coloured sections. The section labeled Strategic is highlighted.

    The world is constantly changing

    The IT market is constantly reacting to global influences. By anticipating changes, leaders can set expectations and work with their vendors to accommodate them.

    When the unexpected happens, being able to adapt quickly to new priorities ensures continued long-term business success.

    Below are some things no one expected to happen in the last few years:

    62%

    of IT professionals are more concerned about being a victim of ransomware than they were a year ago.

    82%

    of Microsoft’s non-essential employees shifted to working from home in 2020, joining the 18% already remote.

    89%

    of organizations invested in web conferencing technology to facilitate collaboration.

    Source: Info-Tech Tech Trends Survey 2022

    Strategic risks on a global scale

    Odds are at least one of these is currently affecting your strategic plans

    • Vendor Acquisitions
    • Global Pandemic
    • Global Shortages
    • Gas Prices
    • Poor Vendor Performance
    • Travel Bans
    • War
    • Natural Disasters
    • Supply Chain Disruptions
    • Security Incidents

    Make sure you have the right people at the table to identify and plan to manage impacts.

    Identify & manage strategic risks

    Global Pandemic

    Very few people could have predicted that a global pandemic would interrupt business on the scale experienced today. Organizations should look at their lessons learned and incorporate adaptable preparations into their strategic planning moving forward.

    Vendor Acquisitions

    The IT market is an ever-shifting environment. Larger companies often gobble up smaller ones to control their sectors. Incorporating plans to manage those shifts in ownership will be key to many strategic plans that depend on niche vendor solutions for success. Be sure to monitor the potentially affected markets on an ongoing cadence.

    Global Shortages

    Organizations need to accept that shortages will recur periodically and that preparing for them will significantly increase the success potential of long-term strategic plans. Understand what your business needs to stock for project needs and where those supplies are located, and plan how to rapidly access and distribute them as required if supply chain disruptions occur.

    What to look for in vendors

    Identify strategic risk impacts

    • A vendor acquires many smaller, seemingly irrelevant IT products. Suddenly their revenue model includes aggressive license compliance audits.
      • Ensure that your installed software meets license compliance requirements with good asset management practices.
      • Monitor the market for such acquisitions or news of audits hitting companies.
    • A vendor changes their primary business model from storage and hardware to becoming a self-proclaimed “professional services guru,” relying almost entirely on their name recognition to build their marketing.
      • Be wary of self-proclaimed experts and review their successes and failures with other organizations before adopting them into your business strategy.
      • Review the backgrounds their “experts” have and make sure they have the industry and technical skill sets to perform the services to the required level.

    Not preparing for your growth can delay your goals

    Why can’t I get a new laptop?

    For example:

    • An IT professional services organization plans to take advantage of the growing work-from-home trend to expand its staff by 30% over the coming year.
    • Logically, this should include a review of the necessary tasks involved, including onboarding.
      • Suppose the company does not order enough equipment in preparation to cover the new staff plus routine replacement. In that case, this will delay the output of the new team members immeasurably as they wait for their company equipment and will delay existing staff whose equipment breaks, preventing them from getting back to work efficiently.

    Sometimes an organization has the right mindset to take advantage of the changes in the market but can fail to plan for the particulars.

    When your strategic plan changes, you need to revisit all the steps in the processes to ensure a successful outcome.

    Strategic risks

    Poor or uninformed business decisions can lead to organizational strategic failures

    • Supply chain disruptions and global shortages
      • Geopolitical disruptions and natural disasters have caused unprecedented interruptions to business. Incorporate forecasting of product and ongoing business continuity planning into your strategic plans to adapt as events unfold.
    • Poor vendor performance
      • Consider the impact of a vendor that fails to perform midway through the implementation. Organizations need to be able to manage the impact of replacing that vendor and cutting their losses rather than continuing to throw good money away after bad performance.
    • Vendor acquisitions
      • A lot of acquisition is going on in the market today. Large companies are buying competitors and either imposing new terms on customers or removing the competing products from the market. Prepare options for any strategy tied to a niche product.

    It is important to identify potential risks to strategic plans to manage the risk and be agile enough in planning to adapt to the changing environments.

    Info-Tech Insight
    Few organizations are good at identifying risks to their strategic plan. As a result, almost none realistically plan to monitor, manage, and adapt their strategies to those risks.

    Prepare your strategic risk management for success

    Due diligence will enable successful outcomes

    1. Obtain top-level buy-in; it is critical to success.
    2. Build enterprise risk management (ERM) through incremental improvement.
    3. Focus initial efforts on the “big wins” to prove the process works.
    4. Use existing resources.
    5. Build on any risk management activities that already exist in the organization.
    6. Socialize ERM throughout the organization to gain additional buy‑in.
    7. Normalize the process long term with ongoing updates and continuing education for the organization.

    (Adapted from COSO)

    How to assess strategic risk

    1. Review Organizational Strategy
      Understand the organizational strategy to prepare for the “What If” game exercise.
    2. Identify & Understand Potential Strategic Risks
      Play the “What If” game with the right people at the table.
    3. Create a Risk Profile Packet for Leadership
      Pull all the information together in a presentation document.
    4. Validate the Risks
      Work with leadership to ensure that the proposed risks are in line with their thoughts.
    5. Plan to Manage the Risks
      Lower the overall risk potential by putting mitigations in place.
    6. Communicate the Plan
      It is important not only to have a plan but also to socialize it in the organization for awareness.
    7. Enact the Plan
      Once the plan is finalized and socialized, put it in place with continued monitoring for success.

    Insight summary

    Insight 1

    Organizations build portions of their strategies around chosen vendors and should protect those plans against the risks of unforeseen acquisitions in the market.
    Is your vendor solvent? Does it have enough staff to accommodate your needs? Has its long-term planning been affected by changes in the market? Is it unique in its space?

    Insight 2

    Organizations’ strategic plans need to be adaptable to avoid vendors’ negative actions causing an expedited shift in priorities.
    For example, Philip's recall of ventilators impacted its products and the availability of its competitor’s products as demand overwhelmed the market.

    Insight 3

    Organizations need to become better at risk assessment and actively manage the identified risks to their strategic plans.
    Few organizations are good at identifying risks to their strategic plan. As a result, almost none realistically plan to monitor, manage, and adapt their strategies to those risks.

    Strategic risk impacts are often unanticipated, causing unforeseen downstream effects. Anticipating the potential changes in the global IT market and continuously monitoring vendors’ risk levels can help organizations modify their strategic alignment with the new norms.

    Identifying strategic risk

    Who should be included in the discussion

    • While it is true that executive-level leadership defines the strategy for an organization, it is vital for those making decisions to make informed decisions.
    • Getting input from operational experts at your organization will enhance the long-term potential for success of your strategies.
    • Involving those who directly manage vendors and understand the market will aid operational experts in determining the forward path for relationships with your current vendors and identifying new emerging potential strategic partners.

    Review your strategic plans for new risks and evolving likelihood on a regular basis.

    Keep in mind Risk = Likelihood x Impact (R=L*I).

    Impact (I) tends to remain the same, while Likelihood (L) is a very flexible variable.

    See the blueprint Build an IT Risk Management Program

    Managing strategic risk impacts

    What can we realistically do about the risks?

    • Review business continuity plans and disaster recovery testing.
    • Institute proper contract lifecycle management.
    • Re-evaluate corporate policies frequently.
    • Develop IT governance and change control.
    • Ensure strategic alignment in contracts.
    • Introduce continual risk assessment to monitor the relevant vendor markets.
      • Regularly review your strategic plans for new risks and evolving likelihood.
      • Risk = Likelihood x Impact (R=L*I)
        • Impact (I) tends to remain the same and be well understood, while Likelihood (L) turns out to be highly variable.
    • Be adaptable and allow for innovations that arise from the current needs.
      • Capture lessons learned from prior incidents to improve over time, and adjust your strategy based on the lessons.

    Organizations need to be reviewing their strategic risk plans considering the likelihood of incidents in the global market.

    Pandemics, extreme weather, and wars that affect global supply chains are a current reality, not unlikely scenarios.

    Ongoing Improvement

    Incorporating lessons learned

    • Over time, despite everyone’s best observations and plans, incidents will catch us off guard.
    • When it happens, follow your incident response plans and act accordingly.
    • An essential step is to document what worked and what did not – collectively known as the “lessons learned.”
    • Use the lessons learned document to devise, incorporate, and enact a better risk management process.

    Sometimes disasters occur despite our best plans to manage them.

    When this happens, it is important to document the lessons learned and improve our plans going forward.

    The “what if” game

    1-3 hours

    Vendor management professionals are in an excellent position to help senior leadership identify and pull together resources across the organization to determine potential risks. By playing the "what if" game and asking probing questions to draw out – or eliminate – possible adverse outcomes, everyone involved adds their insight into parts of the organization to gather a comprehensive picture of potential impacts.

    1. Break into smaller groups (or if too small, continue as a single group).
    2. Use the Strategic Risk Impact Tool to prompt discussion on potential risks. Keep this discussion flowing organically to explore all potentials but manage the overall process to keep the discussion pertinent and on track.
    3. Collect the outputs and ask the subject matter experts (SMEs) for management options for each one in order to present a comprehensive risk strategy. You will use this to educate senior leadership so that they can make an informed decision to accept or reject the solution.

    Download the Strategic Risk Impact Tool

    Input Output
    • List of identified potential risk scenarios scored by likelihood and financial impact
    • List of potential management of the scenarios to reduce the risk
    • Comprehensive strategic risk profile on the specific vendor solution
    Materials Participants
    • Whiteboard/flip charts
    • Strategic Risk Impact Tool to help drive discussion
    • Vendor Management – Coordinator
    • Organizational Leadership
    • Operations Experts (SMEs)
    • Legal/Compliance/Risk Manager

    Case Study

    Airline Industry Strategic Adaptation

    Industry: Airline

    Impact categories: Pandemic, Lockdowns, Travel Bans, Increased Fuel Prices

    • In 2019 the airline industry yielded record profits of $35.5 billion.
    • In 2020 the pandemic devastated the industry with losses around $371 billion.
    • The industry leaders engaged experts to conduct a study on how the pandemic impacted them and propose measures to ensure the survival of their industry in the future after the pandemic.
    • They determined that “[p]recise decision-making based on data analytics is essential and crucial for an effective Covid-19 airline recovery plan.”

    Results

    The pandemic prompted systemic change to the overall strategic planning of the airline industry.

    Summary

    Be vigilant and adaptable to change

    • Organizations need to learn how to assess the likelihood of potential risks in the changing global world.
    • Those organizations that incorporate adaptive risk management processes can prepare their strategic plans for greater success.
    • Bring the right people to the table to outline potential risks in the market.
    • Socialize the risk management process throughout the organization to heighten awareness and enable employees to help protect the strategic plan.
    • Incorporate lessons learned from incidents into your risk management process to build better plans for future issues.

    Organizations must evolve their strategic risk assessments to be more adaptive to respond to global changes in the market.

    Ongoing monitoring of the market and the vendors tied to company strategies is imperative to achieving success.

    Related Info-Tech Research

    Identify and Manage Financial Risk Impacts on Your Organization

    This image contains a screenshot from Info-Tech's Identify and Manage Financial Risk Impacts on Your Organization.
    • Vendor management practices educate organizations on the different potential financial impacts that vendors may incur and suggest systems to help manage them.
    • Prioritize and classify your vendors with quantifiable, standardized rankings.
    • Prioritize focus on your high-risk vendors.
    • Standardize your processes for identifying and monitoring vendor risks to manage financial impacts with our Financial Risk Impact Tool.

    Identify and Reduce Agile Contract Risk

    This image contains a screenshot from Info-Tech's Identify and Reduce Agile Contract Risk
    • Customer maturity levels with Agile are low, with 67% of organizations using Agile for less than five years.
    • Customer competency levels with Agile are also low, with 84% of organizations stating they are below a high level of competency.
    • Contract disputes are the number one or two types of disputes faced by organizations across all industries.

    Build an IT Risk Management Program

    This image contains a screenshot from Info-Tech's Build an IT Risk Management Program
    • Transform your ad hoc IT risk management processes into a formalized, ongoing program, and increase risk management success.
    • Take a proactive stance against IT threats and vulnerabilities by identifying and assessing IT’s greatest risks before they occur.
    • Involve key stakeholders including the business senior management team to gain buy-in and to focus on IT risks most critical to the organization.

    Bibliography

    Olaganathan, Rajee. “Impact of COVID-19 on airline industry and strategic plan for its recovery with special reference to data analytics technology.” Global Journal of Engineering and Technology Advances, vol 7, no 1, 2021, pp. 033-046.

    Tonello, Matteo. “Strategic Risk Management: A Primer for Directors.” Harvard Law School Forum on Corporate Governance, 23 Aug. 2012.

    Frigo, Mark L., and Richard J. Anderson. “Embracing Enterprise Risk Management: Practical Approaches for Getting Started.” COSO, 2011.

    Research Contributors and Experts

    • Frank Sewell
      Research Director, Info-Tech Research Group
    • Steven Jeffery
      Principal Research Director, Info-Tech Research Group
    • Scott Bickley
      Practice Lead, Info-Tech Research Group
    • Donna Glidden
      Research Director, Info-Tech Research Group
    • Phil Bode
      Principal Research Director, Info-Tech Research Group
    • David Espinosa
      Senior Director, Executive Services, Info-Tech Research Group
    • Rick Pittman
      Vice President, Research, Info-Tech Research Group
    • Patrick Philpot
      CISSP
    • Gaylon Stockman
      Vice President, Information Security
    • Jennifer Smith
      Senior Director

    Manage the Active Directory in the Service Desk

    • Buy Link or Shortcode: {j2store}489|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Service Desk
    • Parent Category Link: /service-desk
    • Actively maintaining the Active Directory is a difficult task that only gets more difficult with issues like stale accounts and privilege creep.
    • Adding permissions without removing them in lateral transfers creates access issues, especially when regulatory requirements like HIPAA require tight controls.
    • With the importance of maintaining and granting permissions within the Active Directory, organizations are hesitant to grant domain admin access to Tier 1 of the service desk. However, inundating Tier 2 analysts with requests to grant permissions takes away project time.

    Our Advice

    Critical Insight

    • Do not treat the Active Directory like a black box. Strive for accurate data and be proactive by managing your monitoring and audit schedules.
    • Catch outage problems before they happen by splitting monitoring tasks between daily, weekly, and monthly routines.
    • Shift left to save resourcing by employing workflow automation or scripted authorization for Tier 1 technicians.
    • Design actionable metrics to monitor and manage your Active Directory.

    Impact and Result

    • Consistent and right-sized monitoring and updating of the Active Directory is key to clean data.
    • Split monitoring activities between daily, weekly, and monthly checklists to raise efficiency.
    • If need be, shift-left strategies can be implemented for identity and access management by scripting the process so that it can be done by Tier 1 technicians.

    Manage the Active Directory in the Service Desk Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should manage your Active Directory in the service desk, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Maintain your Active Directory with clean data

    Building and maintaining your Active Directory does not have to be difficult. Standardized organization and monitoring with the proper metrics help you keep your data accurate and up to date.

    • Active Directory Standard Operating Procedure
    • Active Directory Metrics Tool

    2. Structure your service desk Active Directory processes

    Build a comprehensive Active Directory workflow library for service desk technicians to follow.

    • Active Directory Process Workflows (Visio)
    • Active Directory Process Workflows (PDF)
    [infographic]

    Effectively Recognize IT Employees

    • Buy Link or Shortcode: {j2store}547|cart{/j2store}
    • member rating overall impact (scale of 10): 8.0/10 Overall Impact
    • member rating average dollars saved: $100 Average $ Saved
    • member rating average days saved: 5 Average Days Saved
    • Parent Category Name: Engage
    • Parent Category Link: /engage
    • Even when organizations do have recognition programs, employees want more recognition than they currently receive.
    • In a recent study, McLean & Company found that 69% of IT employees surveyed felt they were not adequately praised and rewarded for superior work.
    • In a lot of cases, the issue with recognition programs isn’t that IT departments haven’t thought about the importance but rather that they haven’t focused on proper execution.

    Our Advice

    Critical Insight

    • You’re busy – don’t make your recognition program more complicated than it needs to be. Focus on day-to-day ideas and actively embed recognition into your IT team’s culture.
    • Recognition is impactful independent of rewards (i.e. items with a monetary value), but rewarding employees without proper recognition can be counterproductive. Put recognition first and use rewards as a way to amplify its effectiveness.

    Impact and Result

    • Info-Tech tools and guidance will help you develop a successful and sustainable recognition program aligned to strategic goals and values.
    • By focusing on three key elements – customization, alignment, and transparency – you can improve your recognition culture within four weeks, increasing employee engagement and productivity, improving relationships, and reducing turnover.

    Effectively Recognize IT Employees Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should implement an IT employee recognition program, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Effectively Recognize IT Employees – Executive Brief
    • Effectively Recognize IT Employees – Phases 1-3

    1. Assess the current recognition landscape

    Understand the current perceptions around recognition practices in the organization and determine the behaviors that your program will seek to recognize.

    • Effectively Recognize IT Employees – Phase 1: Assess the Current Recognition Landscape
    • IT Employee Recognition Survey Questions

    2. Design the recognition program

    Determine the structure and processes to enable effective recognition in your IT organization.

    • Effectively Recognize IT Employees – Phase 2: Design the Recognition Program
    • Employee Recognition Program Guide
    • Employee Recognition Ideas Catalog
    • Employee Recognition Nomination Form

    3. Implement the recognition program

    Rapidly build and roll out a recognition action and sustainment plan, including training managers to reinforce behavior with recognition.

    • Effectively Recognize IT Employees – Phase 3: Implement the Recognition Program
    • Recognition Action and Communication Plan
    • Manager Training: Reinforce Behavior With Recognition
    [infographic]

    Implement an IT Employee Development Plan

    • Buy Link or Shortcode: {j2store}592|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: 5 Average Days Saved
    • member rating average days saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • Parent Category Name: Train & Develop
    • Parent Category Link: /train-and-develop
    • There is a growing gap between the competencies organizations have been focused on developing and what is needed in the future.
    • Employees have been left to drive their own development with little direction or support and without the alignment of development to organizational needs.
    • The pace of change in today’s environment demands new competencies while making others obsolete, and IT is challenged with keeping up with upskilling employees.

    Our Advice

    Critical Insight

    • Organizations position development as employee-owned, yet employees still feel like their needs aren’t being met, and many leave as a result.
    • Development needs to be employee-owned and manager-supported but also organization-informed to ensure that it meets the organization’s needs.
    • Today, operating environments change quickly, and organizations need to develop the competencies employees need both today and in the future.

    Impact and Result

    • Design employee development plans that build the competencies the organization and IT department need both today and in the future.
    • Equip managers and build program support to foster continuous learning and development.
    • Connect the right development opportunity to the right employee through an effective development planning process.

    Implement an IT Employee Development Plan Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should implement effective development planning, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess employees' development needs

    Assist your employees in setting appropriate development goals.

    • Implement Effective Employee Development Planning – Phase 1: Assess Employees' Development Needs
    • IT Manager Job Aid: Employee Development
    • IT Employee Job Aid: Employee Development
    • IT Employee Career Development Workbook
    • Individual Competency Development Plan
    • IT Competency Library
    • Leadership Competencies Workbook

    2. Select appropriate activities for development

    Review existing and identify new development activities that employees can undertake to achieve their goals.

    • Implement Effective Employee Development Planning – Phase 2: Select Activities for Developing Prioritized Competencies
    • Learning Methods Catalog for IT Employees

    3. Build manager coaching skills

    Establish manager and employee follow-up accountabilities.

    • Implement Effective Employee Development Planning – Phase 3: Build Manager Coaching Skills to Support Employee Development
    • Role Play Coaching Scenarios
    [infographic]

    Prepare Your Application for PaaS

    • Buy Link or Shortcode: {j2store}181|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • The application may have been written a long time ago, and have source code, knowledge base, or design principles misplaced or lacking, which makes it difficult to understand the design and build.
    • The development team does not have a standardized practice for assessing cloud benefits and architecture, design principles for redesigning an application, or performing capacity for planning activities.

    Our Advice

    Critical Insight

    • An infrastructure-driven cloud strategy overlooks application specific complexities. Ensure that an application portfolio strategy is a precursor to determining the business value gained from an application perspective, not just an infrastructure perspective.
    • Business value assessment must be the core of your decision to migrate and justify the development effort.
    • Right-size your application to predict future usage and minimize unplanned expenses. This ensures that you are truly benefiting from the tier costing model that vendors offer.

    Impact and Result

    • Identify and evaluate what cloud benefits your application can leverage and the business value generated as a result of migrating your application to the cloud.
    • Use Info-Tech’s approach to building a robust application that can leverage scalability, availability, and performance benefits while maintaining the functions and features that the application currently supports for the business.
    • Standardize and strengthen your performance testing practices and capacity planning activities to build a strong current state assessment.
    • Use Info-Tech’s elaboration of the 12-factor app to build a clear and robust cloud profile and target state for your application.
    • Leverage Info-Tech’s cloud requirements model to assess the impact of cloud on different requirements patterns.

    Prepare Your Application for PaaS Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should build a right-sized, design-driven approach to moving your application to a PaaS platform, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Prepare Your Application for PaaS – Phases 1-2

    1. Create your cloud application profile

    Bring the business into the room, align your objectives for choosing certain cloud capabilities, and characterize your ideal PaaS environment as a result of your understanding of what the business is trying to achieve. Understand how to right-size your application in the cloud to maintain or improve its performance.

    • Prepare Your Application for PaaS – Phase 1: Create Your Cloud Application Profile
    • Cloud Profile Tool

    2. Evaluate design changes for your application

    Assess the application against Info-Tech’s design scorecard to evaluate the right design approach to migrating the application to PaaS. Pick the appropriate cloud path and begin the first step to migrating your app – gathering your requirements.

    • Prepare Your Application for PaaS – Phase 2: Evaluate Design Changes for Your Application
    • Cloud Design Scorecard Tool

    [infographic]

     
     

    Generative AI: Market Primer

    • Buy Link or Shortcode: {j2store}349|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management
    • Much of the organization remains in the dark for understanding what Gen AI is, complicated by ambiguous branding from vendors claiming to provide Gen AI solutions.
    • Searching the market for a Gen AI platform is nearly impossible, owing to the sheer number of vendors.
    • The evaluative criteria for selecting a Gen AI platform are unclear.

    Our Advice

    Critical Insight

    • You cannot rush Gen AI selection and implementation. Organizations with (1) FTEs devoted to making Gen AI work (including developers and business intelligence analysts), (2) trustworthy and regularly updated data, and (3) AI governance are just now reaching PoC testing.
    • Gen AI is not a software category – it is an umbrella concept. Gen AI platforms will be built on different foundational models, be trained in different ways, and provide varying modalities. Do not expect Gen AI platforms to be compared against the same parameters in a vendor quadrant.
    • Bad data is the tip of the iceberg for Gen AI risks. While Gen AI success will be heavily reliant on the quality of data it is fine-tuned on, there are independent risks organizations must prepare for, from Gen AI hallucinations and output reliability to infrastructure feasibility and handling high-volume events.
    • Prepare for ongoing instability in the Gen AI market. If your organization is unsure about where to start with Gen AI, the secure route is to examine what your enterprise providers are offering. Use this as a learning platform to confidently navigate which specialized Gen AI provider will be viable for meeting your use cases.

    Impact and Result

    • Consensus on Gen AI scope and key Gen AI capabilities
    • Identification of your readiness to leverage Gen AI applications
    • Agreement on Gen AI evaluative criteria
    • Knowledge of vendor viability

    Generative AI: Market Primer Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Generative AI: Market Primer – Contextualize the marketspace and prepare for generative AI selection.

    Use Info-Tech’s best practices for setting out a selection roadmap and evaluative criteria for narrowing down vendors – both enterprise and specialized providers.

    • Generative AI: Market Primer Storyboard
    • Data Governance Policy
    • AI Governance Storyboard
    • AI Architecture Assessment and Project Planning Tool
    • AI Architecture Assessment and Project Planning Tool – Sample
    • AI Architecture Templates
    [infographic]

    Further reading

    Generative AI: Market Primer

    Cut through Gen AI buzzwords to achieve market clarity.

    Analyst Perspective

    The generative AI (Gen AI) marketspace is complex, nascent, and unstable.

    Organizations need to get clear on what Gen AI is, its infrastructural components, and the governance required for successful platform selection.

    Thomas Randall

    The urge to be fast-moving to leverage the potential benefits of Gen AI is understandable. There are plenty of opportunities for Gen AI to enrich an organization’s use cases – from commercial to R&D to entertainment. However, there are requisites an organization needs to get right before Gen AI can be effectively applied. Part of this is ensuring data and AI governance is well established and mature within the organization. The other part is contextualizing Gen AI to know what components of this market the organization needs to invest in.

    Owing to its popularity surge, OpenAI’s ChatGPT has become near synonymous with Gen AI. However, Gen AI is an umbrella concept that encompasses a variety of infrastructural architecture. Organizations need to ask themselves probing questions if they are looking to work with OpenAI: Does ChatGPT rest on the right foundational model for us? Does ChatGPT offer the right modalities to support our organization’s use cases? How much fine-tuning and prompt engineering will we need to perform? Do we require investment in on-premises infrastructure to support significant data processing and high-volume events? And do we require FTEs to enable all this infrastructure?

    Use this market primer to quickly get up to speed on the elements your organization might need to make the most of Gen AI.

    Thomas Randall

    Advisory Director, Info-Tech Research Group

    Executive Summary

    Your Challenge

    • Much of the organization remains in the dark for understanding what Gen AI is, complicated by ambiguous branding from vendors claiming to provide Gen AI solutions.
    • Searching the market for a Gen AI platform is near impossible, owing to the sheer number of vendors.
    • The evaluative criteria for selecting a Gen AI platform is unclear.

    Common Obstacles

    • Data governance is immature within the organization. There is no source of truth or regularly updated organizational process assets.
    • AI functionality is not well understood within the organization; there is little AI governance for monitoring and controlling its use.
    • The extent of effort and resources required to make Gen AI a success remains murky.

    Info-Tech's Solution

    This market primer for Gen AI will help you:

    1. Contextualize the Gen AI market: Learn what components of Gen AI an organization should consider to make Gen AI a success.
    2. Prepare for Gen AI selection: Use Info-Tech’s best practices for setting out a selection roadmap and evaluative criteria for narrowing down vendors – both enterprise and specialized providers.

    “We are entering the era of generative AI.
    This is a unique time in our history where the benefits of AI are easily accessible and becoming pervasive with co-pilots emerging in the major business tools we use today. The disruptive capabilities that can potentially drive dramatic benefits also introduces risks that need to be planned for.”

    Bill Wong, Principal Research Director – Data and BI, Info-Tech Research Group

    Who benefits from this project?

    This research is designed for:

    • Senior IT, developers, data staff, and project managers who:
      • Have received a mandate from their executives to begin researching the Gen AI market.
      • Need to quickly get up to speed on the state of the Gen AI market, given no deep prior knowledge of the space.
      • Require an overview of the different components to Gen AI to contextualize how vendor comparisons and selections can be made.
      • Want to gain an understanding of key trends, risks, and evaluative criteria to consider in their selection process.

    This research will help you:

    • Articulate the potential business value of Gen AI to your organization.
    • Establish which high-value use cases could be enriched by Gen AI functionality.
    • Assess vendor viability for enterprise and specialized software providers in the Gen AI marketspace.
    • Collect information on the prerequisites for implementing Gen AI functionality.
    • Develop relevant evaluative criteria to assist differentiating between shortlisted contenders.

    This research will also assist:

    • Executives, business analysts, and procurement teams who are stakeholders in:
      • Contextualizing the landscape for learning opportunities.
      • Gathering and documenting requirements.
      • Building deliverables for software selection projects.
      • Managing vendors, especially managing the relationships with incumbent enterprise software providers.

    This research will help you:

    • Identify examples of how Gen AI applications could be leveraged for your organization’s core use cases.
    • Verify the extent of Gen AI functionality an incumbent enterprise provider has.
    • Validate accuracy of Gen AI language and architecture referenced in project deliverables.

    Insight Summary

    You cannot speedrun Gen AI selection and implementation.

    Organizations with (1) FTEs devoted to making Gen AI work (including developers and business intelligence analysts), (2) trustworthy and regularly updated data, and (3) AI governance are just now reaching PoC testing.

    Gen AI is not a software category – it is an umbrella concept.

    Gen AI platforms will be built on different foundational models, be trained in different ways, and provide varying modalities. Do not expect to compare Gen AI platforms to the same parameters in a vendor quadrant.

    Bad data is the tip of the iceberg for Gen AI risks.

    While Gen AI success will be heavily reliant on the quality of data it is fine-tuned on, there are independent risks organizations must prepare for: from Gen AI hallucinations and output reliability to infrastructure feasibility to handle high-volume events.

    Gen AI use may require changes to sales incentives.

    If you plan to use Gen AI in a commercial setting, review your sales team’s KPIs. They are rewarded for sales velocity; if they are the human-in-the-loop to check for hallucinations, you must change incentives to ensure quality management.

    Prepare for ongoing instability in the Gen AI market.

    If your organization is unsure about where to start with Gen AI, the secure route is to examine what your enterprise providers are offering. Use this as a learning platform to confidently navigate which specialized Gen AI provider will be viable for meeting your use cases.

    Brace for a potential return of on-premises infrastructure to power Gen AI.

    The market trend has been for organizations to move to cloud-based products. Yet, for Gen AI, effective data processing and fine-tuning may call for organizations to invest in on-premises infrastructure (such as more GPUs) to enable their Gen AI to function effectively.

    Info-Tech’s methodology for understanding the Gen AI marketspace

    Phase Steps

    1. Contextualize the Gen AI marketplace

    1. Define Gen AI and its components.
    2. Explore Gen AI trends.
    3. Begin deriving Gen AI initiatives that align with business capabilities.

    2. Prepare for and understand Gen AI platform offerings

    1. Review Gen AI selection best practices and requisites for effective procurement.
    2. Determine evaluative criteria for Gen AI solutions.
    3. Explore Gen AI offerings with enterprise and specialized providers.
    Phase Outcomes
    1. Achieve consensus on Gen AI scope and key Gen AI capabilities.
    2. Identify your readiness to leverage Gen AI applications.
    3. Hand off to Build Your Generative AI Roadmap to complete pre-requisites for selection.
    1. Determine whether deeper data and AI governance is required; if so, hand off to Create an Architecture for AI.
    2. Gain consensus on Gen AI evaluative criteria.
    3. Understand vendor viability.

    Guided Implementation

    Phase 1

    Phase 2

    • Call #1: Discover if Gen AI is right for your organization. Understand what a Gen AI platform is and discover the art of the possible.
    • Call #2: To take advantage of Gen AI, perform a business capabilities analysis to begin deriving Gen AI initiatives.
    • Call #3: Explore whether Gen AI initiatives can be achieved either with incumbent enterprise players or via procurement of specialized solutions.
    • Call #4: Evaluate vendors and perform final due diligence.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    The Gen AI market evaluation process should be broken into segments:

    1. Gen AI market education with this primer
    2. Structured approach to selection
    3. Evaluation and final due diligence

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful"

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Software selection engagement

    Five advisory calls over a five-week period to accelerate your selection process

    • Receive expert analyst guidance over five weeks (on average) to select and negotiate software.
    • Save money, align stakeholders, speed up the process, and make better decisions.
    • Use a repeatable, formal methodology to improve your application selection process.
    • Get better, faster results guaranteed, included in membership.
    Software selection process timeline. Week 1: Awareness - 1 hour call, Week 2: Education & Discovery - 1 hour call, Week 3: Evaluation - 1 hour call, Week 4: Selection - 1 hour call, Week 5: Negotiation & Configuration - 1 hour call.

    Click here to book your selection engagement.

    Software selection workshops

    40 hours of advisory assistance delivered online.

    Select better software, faster.

    • 40 hours of expert analyst guidance
    • Project and stakeholder management assistance
    • Save money, align stakeholders, speed up the process, and make better decisions
    • Better, faster results guaranteed; 25K standard engagement fee
    Software selection process timeline. Week 1: Awareness - 5 hours of Assistance, Week 2: Education & Discovery - 10 hours of assistance, Week 3: Evaluation - 10 hours of assistance, Week 4: Selection - 10 hours of assistance, Week 5: Negotiation & Configuration - 10 hours of assistance.

    Click here to book your workshop engagement.

    Make Your IT Governance Adaptable

    • Buy Link or Shortcode: {j2store}359|cart{/j2store}
    • member rating overall impact (scale of 10): 8.0/10 Overall Impact
    • member rating average dollars saved: $123,499 Average $ Saved
    • member rating average days saved: 10 Average Days Saved
    • Parent Category Name: IT Governance, Risk & Compliance
    • Parent Category Link: /it-governance-risk-and-compliance
    • People don’t understand the value of governance, seeing it as a hindrance to productivity and efficiency.
    • Governance is delegated to people and practices that don’t have the ability or authority to make these decisions.
    • Decisions are made within committees that don’t meet frequently enough to support business velocity.
    • It is difficult to allocate time and resources to build or execute governance effectively.

    Our Advice

    Critical Insight

    • IT governance applies not just to the IT department but to all uses of information and technology.
    • IT governance works against you if it no longer aligns with or supports your organizational direction, goals, and work practices.
    • Governance doesn’t have to be bureaucratic or control based.
    • Your governance model should be able to adapt to changes in the organization’s strategy and goals, your industry, and your ways of working.
    • Governance can be embedded and automated into your practices.

    Impact and Result

    • You will produce more value from IT by developing a governance framework optimized for your current needs and context, with the ability to adapt as your needs shift.
    • You will create the foundation and ability to delegate and empower governance to enable agile delivery.
    • You will identify areas where governance does not require manual oversight and can be embedded into the way you work.

    Make Your IT Governance Adaptable Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Make Your IT Governance Adaptable Deck – A document that walks you through how to design and implement governance that fits the context of your organization and can adapt to change.

    Our dynamic, flexible, and embedded approach to governance will help drive organizational success. The three-phase methodology will help you identify your governance needs, select and refine your governance model, and embed and automate governance decisions.

    • Make Your IT Governance Adaptable – Phases 1-3

    2. Adaptive and Controlled Governance Model Templates and Workbook – Documents that gather context information about your organization to identify the best approach for governance.

    Use these templates and workbook to identify the criteria and design factors for your organization and the design triggers to maintain fit. Upon completion this will be your new governance framework model.

    • Controlled Governance Models Template
    • IT Governance Program Overview
    • Governance Workbook

    3. Implementation Plan and Workbook – Tools that help you build and finalize your approach to implement your new or revised governance model.

    Upon completion you will have a finalized implementation plan and a visual roadmap.

    • Governance Implementation Plan
    • Governance Roadmap Workbook

    4. Governance Committee Charter Templates – Base charters that can be adapted for communication.

    Customize these templates to create the committee charters or terms of reference for the committees developed in your governance model.

    • IT PMO Committee Charter
    • IT Risk Committee Charter for Controlled Governance
    • IT Steering Committee Charter for Controlled Governance
    • Program Governance Committee Charter
    • Architecture Review Board Charter
    • Data Governance Committee Charter
    • Digital Governance Committee Charter

    5. Governance Automation Criteria Checklist and Worksheet – Tools that help you determine which governance decisions can be automated and work through the required logic and rules.

    The checklist is a starting point for confirming which activities and decisions should be considered for automation or embedding. Use the worksheet to develop decision logic by defining the steps and information inputs involved in making decisions.

    • Governance Automation Criteria Checklist
    • Governance Automation Worksheet

    Infographic

    Workshop: Make Your IT Governance Adaptable

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Develop Your Guiding Star

    The Purpose

    Establish the context for your governance model.

    Key Benefits Achieved

    Core understanding of the context that will enable us to build an optimal model

    Activities

    1.1 Confirm mission, vision, and goals.

    1.2 Define scope and principles.

    1.3 Adjust for culture and finalize context.

    Outputs

    Governance principles

    Governance context and goals

    2 Define the Governance Model

    The Purpose

    To select and adapt a governance model based on your context.

    Key Benefits Achieved

    A selected and optimized governance model

    Activities

    2.1 Select and refine governance model.

    2.2 Confirm and adjust the structure.

    2.3 Review and adapt governance responsibilities and activities.

    2.4 Validate governance mandates and membership.

    Outputs

    IT governance model and adjustment triggers

    IT governance structure, responsibilities, membership, and cadence

    Governance committee charters

    3 Build Governance Process and Policy

    The Purpose

    Refine your governance practices and associate policies properly.

    Key Benefits Achieved

    A completed governance model that can be implemented with clear update triggers and review timing

    Policy alignment with the right levels of authority

    Activities

    3.1 Update your governance process.

    3.2 Align policies to mandate.

    3.3 Adjust and confirm your model.

    3.4 Identify and document update triggers and embed into review cycle.

    Outputs

    IT governance process and information flow

    IT governance policies

    Finalized governance model

    4 Embed and Automate Governance

    The Purpose

    Identify options to automate and embed governance activities and decisions.

    Key Benefits Achieved

    Simply more consistent governance activities and automate them to enhance speed and support governance delegation and empowerment

    Activities

    4.1 Identify decisions and standards that can be automated. Develop decision logic.

    4.2 Plan verification and validation approach.

    4.3 Build implementation plan.

    4.4 Develop communication strategy and messaging.

    Outputs

    Selected automation options, decision logic, and business rules

    Implementation and communication plan

    Further reading

    Make Your IT Governance Adaptable

    Governance isn't optional, so keep it simple and make it flexible.

    Table of Contents

    4 Analyst Perspective

    5 Executive Summary

    13 Governance Stages

    14 Info-Tech’s IT Governance Thought Model

    19 Info-Tech’s Approach

    23 Insight Summary

    30 Phase 1: Identify Your Governance Needs

    54 Phase 2: Select and Refine Your Governance Model

    76 Phase 3: Embed and Automate

    94 Summary of Accomplishment

    95 Additional Support

    97 Contributors

    98 Bibliography

    Make Your IT Governance Adaptable

    Governance isn't optional, so keep it simple and make it flexible.

    EXECUTIVE BRIEF

    Analyst Perspective

    Governance will always be part of the fabric of your organization. Make it adaptable so it doesn’t constrain your success.

    Photo of Valence Howden, Principal Research Director, Info-Tech Research Group

    Far too often, the purpose of information and technology (I&T) governance is misunderstood. Instead of being seen as a way to align the organization’s vision to its investment in information and technology, it has become so synonymous with compliance and control that even mentioning the word “governance” elicits a negative reaction.

    Success in modern digital organizations depends on their ability to adjust for velocity and uncertainty, requiring a dynamic and responsive approach to governance – one that is embedded and automated in your organization to enable new ways of working, innovation, and change.

    Evolutionary theory describes adaptability as the way an organism adjusts to fit a new environment, or changes to its existing environment, to survive. Applied to organizations, adaptable governance is critical to the ability to survive and succeed.

    If your governance doesn’t adjust to enable your changing business environment and customer needs, it will quickly become misaligned with your goals and drive you to failure.

    It is critical that people build an approach to governance that is effective and relevant today while building in adaptability to keep it relevant tomorrow.

    Valence Howden
    Principal Research Director, Info-Tech Research Group

    Executive Summary

    Your Challenge

    • People don’t understand the value of governance, seeing it as a hindrance to productivity and efficiency.
    • Governance is delegated to people and practices that don’t have the ability or authority to make decisions.
    • Decisions are made within committees that don’t meet frequently enough to support business velocity.
    • It is difficult to allocate time and resources to build or execute governance effectively

    Common Obstacles

    • You are unable to clearly communicate how governance adds value to your organization.
    • Your IT governance approach no longer aligns with or supports your organizational direction, goals, and work practices.
    • Governance is seen and performed as a bureaucratic control-based exercise.
    • Governance activities are not transparent.
    • The governance committee gets too deeply involved with project deep dives and daily management, derailing its effectiveness and ability to produce value.

    Info-Tech’s Approach

    • Use Info-Tech’s IT governance models to identify a base model similar to the way you are organized. Confirm your current and future placement in governance execution.
    • Adjust the model based on industry needs, your principles, regulatory requirements, and your future direction.
    • Identify where to embed or automate decision making and compliance and what is required to do so effectively.
    • Implement your governance model for success.

    Info-Tech Insight

    IT governance must be embedded and automated, where possible, to effectively meet the needs and velocity of digital organizations and modern practices and to drive success and value.

    What is governance?

    IT governance is a critical and embedded practice that ensures that information and technology investments, risks, and resources are aligned in the best interests of the organization and produce business value.

    Effective governance ensures that the right technology investments are made at the right time to support and enable your organization’s mission, vision, and goals.

    5 KEY OUTCOMES OF GOOD GOVERNANCE

    STRATEGIC ALIGNMENT

    Technology investments and portfolios are aligned with the organization's strategic objectives.

    RISK OPTIMIZATION

    Organizational risks are understood and addressed to minimize impact and optimize opportunities.

    VALUE DELIVERY

    IT investments and initiatives deliver their expected benefits.

    RESOURCE OPTIMIZATION

    Resources (people, finances, time) are appropriately allocated across the organization to optimal organizational benefit.

    PERFORMANCE MEASUREMENT

    The performance of technology investments is monitored and used to determine future courses of action and to confirm achievement of success.

    ‹–EVALUATE–DIRECT–MONITOR–›

    Why is this necessary?

    • Governance is not simply a committee or an activity that you perform at a specific point in time; it is a critical and continuously active practice that drives the success of your organization. It is part of your organization’s DNA and is just as unique, with some attributes common to all (IT governance elements), some specific to your family (industry refinements), and some specific to you (individual organization).
    • Your approach to governance needs to change over time in order to remain relevant and continue to enable value and success, but organizations rarely want to change governance once it’s in place.
    • To meet the speed and flow of practices like Lean, DevOps, and Agile, your IT governance needs to be done differently and become embedded into the way your organization works. You must adjust your governance model based on key moments of change – organizational triggers – to maintain the effectiveness of your model.

    Info-Tech Insight

    Build an optimal model quickly and implement the core elements using an iterative approach to ensure the changes provide the most value.

    The Technology Value Trinity

    Delivery of Business Value & Strategic Needs

    • DIGITAL & TECHNOLOGY STRATEGY
      The identification of objectives and initiatives necessary to achieve business goals.
    • IT OPERATING MODEL
      The model for how IT is organized to deliver on business needs and strategies.
    • INFORMATION & TECHNOLOGY GOVERNANCE
      The governance to ensure the organization and its customers get maximum value from the use of information and technology.

    All three elements of the Technology Value Trinity work in harmony to deliver business value and meet strategic needs. As one changes, the others need to change as well.

    • Digital and IT Strategy tells you what you need to achieve to be successful.
    • IT Operating Model and Organizational Design is the alignment of resources to deliver on your strategy and priorities.
    • Information & Technology Governance is the confirmation that IT’s goals and strategy align with the business’ strategy. It is the mechanism by which you continuously prioritize work to ensure that what you deliver is in line with the strategy. This oversight involves evaluating, directing, and monitoring the delivery of outcomes to ensure that the use of resources results in achieving the organization’s goals.

    Too often strategy, operating model and organizational design, and governance are considered separate practices. As a result, “strategic documents” end up being wish lists, and projects continue to be prioritized based on who shouts the loudest rather than on what is in the best interest of the organization.

    Where information & technology governance fits within an organization

    An infographic illustrating where Governance fits within an organization. The main section is titled 'Enterprise Governance and Strategy' and contains 'Value Outcomes', 'Mission and Vision', 'Goals and Objectives', and 'Guiding Principles'. These all feed into the highlighted 'Information & Technology Governance', which then contributes to 'IT Strategy', which lies outside the main section.

    I&T governance hasn’t achieved its purpose

    Governance is the means by which IT ensures that information and technology delivery and spend is aligned to business goals and delivers business outcomes. However, most CEOs continue to perceive IT as being poorly aligned to the business’ strategic goals, which indicates that governance is not implemented or executed properly.

    For I&T governance to be effective you need a clear understanding of the things that drive your organization and its success. This understanding becomes your guiding star, which is critical for effective governance. It also requires participation by all parts of the organization, not just IT.

    Info-Tech CIO/CEO Alignment Diagnostics (N=124)

    43% of CEOs believe that business goals are going unsupported by IT.

    60% of CEOs believe that improvement is required around IT’s understanding of business goals.

    80% of CIOs/CEOs are misaligned on the target role for IT.

    30% of business stakeholders are supporters (N=32,536) of their IT departments

    Common causes of poor governance

    Key causes of poor or misaligned governance

    1. Governance and its value to your organization is not well understood, often being confused or integrated with more granular management activities.
    2. Business executives fail to understand that IT governance is a function of the business and not the IT department.
    3. Poor past experiences have made “governance” a bad word in the organization. People see it as a constraint and barrier that must be circumvented to get work done.
    4. There is misalignment between accountability and authority throughout the organization, and the wrong people are involved in governance practices.
    5. There is an unwillingness to change a governance approach that has served the organization well in the past, leading to challenges when the organization starts to change practices and speed of delivery.
    6. There is a lack of data and data-related capabilities required to support good decision making and the automation of governance decisions.
    7. The goals and strategy of the organization are not known or understood, leaving nothing for IT governance to orient around.

    Key symptoms of ineffective governance committees

    1. No actions or decisions are generated. The committee produces no value and makes no decisions after it meets. The lack of value output makes the usefulness of the committee questionable.
    2. Resources are overallocated. There is a lack of clear understanding of capacity and value in work to be done, leading to consistent underestimation of required resources and poor resource allocation.
    3. Decisions are changed outside of committee. Decisions made or initiatives approved by the committee are later changed when the proper decision makers are involved or the right information becomes available.
    4. Governance decisions conflict with organizational direction. This shows an obvious lack of alignment and behavioral disconnect that work against organizational success. It is often due to not accounting for where power really exists within the structure.
    5. Consistently poor outcomes are produced from governance direction. Committee members’ lack of business acumen, relevant data, or understanding of organizational goals results in decisions that fail to drive successful measured outcomes.

    Mature your governance by transitioning from ad hoc to automated

    Organizations should look to progress in their governance stages. Ad hoc and controlled governance practices tend to be more rigid, making these a poor fit for organizations requiring higher velocity delivery or using more agile and adaptive practices.

    The goal as you progress through these stages is to delegate governance and empower teams based on your fit and culture, enabling teams where needed to make optimal decisions in real time, ensuring that they are aligned with the best interests of the organization.

    Automate governance for optimal velocity while mitigating risks and driving value.

    This puts your organization in the best position to be adaptive, able to react effectively to volatility and uncertainty.

    A graph illustrating the transition from Ad Hoc to Automated. The y-axis is 'Process Integration' and x-axis is 'Trust & Empowerment'. 'Ad Hoc: Inconsistent Decision Making' lies close to the origin, ranking low on both axes' values. 'Controlled: Authoritarian, Highly Structured' ranks slightly higher on both axes. 'Agile: Distributed & Empowered' ranks 2nd highest on both axes. 'Automated: High Velocity, Embedded & Flexible' ranks highest on both axes.

    Stages of governance

    Adaptive
    Data-Centric


    ˆ


    ˆ


    ˆ


    ˆ


    ˆ
    Traditional
    (People- and Document-Centric)

    4

    Automated Governance
    • Entrenched into organizational processes and product/service design
    • Empowered and fully delegated to maintain fit and drive organizational success and survival

    3

    Agile Governance
    • Flexible enough to support different needs in the organization and respond quickly to change
    • Driven by principles and delegated throughout the company

    2

    Controlled Governance
    • Focused on compliance and hierarchy-based authority
    • Levels of authority defined and often driven by regulatory requirements

    1

    Ad Hoc Governance
    • Not well defined or understood within the organization
    • Occurs out of necessity but often not done by the right people or bodies

    Make Governance Adaptable and Automated to Drive Success and Value

    Governance adaptiveness ensures the success of digital organizations and modern practice implementation.

    THE PROBLEM

    • The wrong people are making decisions.
    • Organizations don't understand what governance is or why it's done.
    • Governance scope and design is a bad fit, damaging the organization.
    • People think governance is optional.

    THE SOLUTION

    ESTABLISH YOUR GUIDING PRINCIPLES

    Define and establish the guiding principle that drive your organization toward success.

    • Mission & Vision
    • Business Goals & Success Criteria
    • Operating Model & Work Practices
    • Governance Scope
    • Principles
    SELECT AND REFINE YOUR MODEL

    Use Info-Tech's IT Governance Models to identify a base model similar to the way you are organized. Confirm your current and future placement in governance execution.

    IDENTIFY MODEL UPDATE TRIGGERS

    Adjust the model based on industry needs, your principles, regulatory requirements, and future direction.

    • Principles
      Select principles that allow the organization to be adaptive while still ensuring the governance continues to stay on course with pursuing its guiding star.
    • Responsibilities
      Decide on the governance responsibilities related to Oversight Level, Strategic Alignment, Value Delivery, Risk Optimization, Resource Optimization, and Performance Management.
    • Structure
      Determine at which structured level governance is appropriate: Enterprise, Strategic, Tactical, or Operational.
    • Processes
      Establish processes that will enable governance to occur such as: Embed the processes required for successful governance.
    • Membership
      Identify the Responsibility & Accountability of those who should be involved in governance processes, policies, guidelines, and responsibilities.
    • Policies
      Confirm any governing policies that need to be adhered to and considered to manage risk.
    DETERMINE AUTOMATION OPTIONS AND DECISION RULES

    Identify where to embed or automate decision making and compliance and what is required to do so effectively.

    STAGES OF GOVERNANCE

      Traditional (People- and document-centric)
    1. AD HOC GOVERNANCE
      Governance that is not well defined or understood within the organization. It occurs out of necessity but often not by the right people or bodies.
    2. CONTROLLED GOVERNANCE
      Governance focused on compliance and hierarchy-based, authority-driven control of decisions. Levels of Authority are defined and often driven by regulatory requirements.
    3. Adaptive (Data Centric)
    4. AGILE GOVERNANCE
      Governance that is flexible to support different needs and quick responses in the organization. Driven by principles and delegated throughout the company.
    5. AUTOMATED GOVERNANCE
      Governance that is entrenched and automated into the organizational processes and product/service design. Empowered and fully delegated governance to maintain fit and drive organizational success and survival.

    KEY INSIGHT

    Governance must actively adapt to changes in your organization, environment, and practices or it will drive you to failure.

    Developing governance principles

    Governance principles support the move from controlled to automated governance by providing guardrails that guide your decisions. They provide the ethical boundaries and cultural perspectives that contextualize your decisions and keep you in line with organizational values. Determining principles are global in nature.

    CONTROLLED CHANGE ACTIONS AND RATIONALE AUTOMATED
    Disentangle governance and management Move from governance focused on evaluating, directing, and monitoring strategic decisions around information and technology toward defining and automating rules and principles for decision making into processes and practices, empowering the organization and driving adaptiveness. Delegate and empower
    Govern toward value Move from identifying the organization’s mission, goals, and key drivers toward orienting IT to align with those value outcomes and embedding value outcomes into design and delivery practices. Deliver to defined outcomes
    Make risk-informed decisions Move from governance bodies using risk information to manually make informed decisions based on their defined risk tolerance toward having risk information and attestation baked into decision making across all aspects and layers of the IT organization – from design to sustainment. Embed risk decision making into processes and practices
    Measure to drive improvement Move from static lagging metrics that validate that the work being done is meeting the organization’s needs and guide future decision making toward automated governance with more transparency driven by data-based decision making and real-time data insights. Trust through real-time reporting
    Enforce standards and behavior Move from enforcing standards and behavior and managing exceptions to ensure that there are consistent outcomes and quality toward automating standards and behavioral policies and embedding adherence and changes in behavior into the organization’s natural way of working. Automate standards through automated decision rules, verification, and validation

    Find your guiding star

    MISSION AND VISION –› GOALS AND OBJECTIVES –› GUIDING PRINCIPLES –›

    VALUE

    Why your organization exists and what value it aims to provide. The purpose you build a strategy to achieve. What your organization needs be successful at to fulfill its mission. Key propositions and guardrails that define and guide expected organizational behavior and beliefs.

    Your mission and vision define your goals and objectives. These are reinforced by your guiding principles, including ethical considerations, your culture, and expected behaviors. They provide the boundaries and guardrails for enabling adaptive governance, ensuring you continue to move in the right direction for organizational success.

    To paraphrase Lewis Carroll, “If you don't know where you want to get to, it doesn't much matter which way you go.” Once you know what matters, where value resides, and which considerations are necessary to make decisions, you have consistent directional alignment that allows you to delegate empowered governance throughout the organization, taking you to the places you want to go.

    Understand governance versus management

    Don’t blur the lines between governance and management; each has a unique role to play. Confusing them results in wasted time and confusion around ownership.

    Governance

    I&T governance defines WHAT should be done and sets direction through prioritization and decision making, monitoring overall IT performance.

    Governance aligns with the mission and vision of the organization to guide IT.

    A cycle of processes split into two halves, 'Governance Processes' and 'Management Processes'. Beginning on the Management side, the processes are 'Plan', 'Build', 'Run', 'Monitor', then to the Governance side, 'Evaluate', 'Direct', 'Monitor', and back to the beginning.

    Management

    Management focuses on HOW to do things to achieve the WHAT. It is responsible for executing on, operating, and monitoring activities as determined by I&T governance.

    Management makes decisions for implementation based on governance direction.

    Data is critical to automating governance

    Documents and subjective/non-transparent decisions do not create sufficient structure to allow for the true automation of governance. Data related to decisions and aggregated risk allow you to define decision logic and rules and algorithmically embed them into your organization.

    People- and Document-Centric

    Governance drives activities through specific actors (individuals/committees) and unstructured data in processes and documents that are manually executed, assessed, and revised. There are often constraints caused by gaps or lack of adequate and integrated information in support of good decisions.

    Data-Centric

    Governance actors provide principles, parameters, and decision logic that enable the creation of code, rulesets, and algorithms that leverage organizational data. Attestation is automatic – validated and managed within the process, product, or service.

    Info-Tech’s Approach

    Define your context and build your model

    ESTABLISH YOUR GUIDING PRINCIPLES

    Define and establish the guiding principle that drive your organization toward success.

    • Mission & Vision
    • Business Goals & Success Criteria
    • Operating Model & Work Practices
    • Governance Scope
    • Principles
    SELECT AND REFINE YOUR MODEL

    Use Info-Tech's IT Governance Models to identify a base model similar to the way you are organized. Confirm your current and future placement in governance execution.

    MODEL UPDATE TRIGGERS

    Adjust the model based on industry needs, your principles, regulatory requirements, and future direction.

    • Principles
      Select principles that allow the organization to be adaptive while still ensuring the governance continues to stay on course with pursuing its guiding star.
    • Responsibilities
      Decide on the governance responsibilities related to Oversight Level, Strategic Alignment, Value Delivery, Risk Optimization, Resource Optimization, and Performance Management.
    • Structure
      Determine at which structured level governance is appropriate: Enterprise, Strategic, Tactical, or Operational.
    • Processes
      Establish processes that will enable governance to occur such as: Embed the processes required for successful governance.
    • Membership
      Identify the Responsibility & Accountability of those who should be involved in governance processes, policies, guidelines, and responsibilities.
    • Policies
      Confirm any governing policies that need to be adhered to and considered to manage risk.
    AUTOMATION OPTIONS AND DECISION RULES

    Identify where to embed or automate decision making and compliance and what is required to do so effectively.

    The Info-Tech Difference

    Define your context and build your model

    1. Quickly identify the organizational needs driving governance and your guiding star.
    2. Select and refine a base governance model based on our templates.
    3. Define and document the key changes in your organization that will trigger a need to update or revise your governance.
    4. Determine where you might be able to automate aspects of your governance.
    5. Design your decision rules where appropriate to support automated and adaptive governance.

    How to use this research

    Where are you in your governance optimization journey?

    MY GOVERNANCE IS AD HOC AND WE’RE STARTING FROM SCRATCH I NEED TO BUILD A NEW GOVERNANCE STRUCTURE OUR GOVERNANCE APPROACH IS INEFFECTIVE AND NEEDS IMPROVEMENT I NEED TO LOOK AT OPTIONS FOR AUTOMATING GOVERNANCE PRACTICES
    Step 1.1: Define Your Governance Context Step 1.2: Structure Your IT Governance Phase 2: Select and Refine Your Model Phase 3: Embed and Automate

    IT governance is about ensuring that the investment decisions made around information and technology drive the optimal organizational value, not about governing the IT department.

    In this section we will clarify your organizational context for governance and define your guiding star to orient your governance design and inform your structure.

    There is no need to start from scratch! Start with Info-Tech’s best-practice IT governance models and customize them based on your organizational context.

    The research in this section will help you to select the right base model to work from and provide guidance on how to refine it.

    Governance practices eventually stop being a good fit for a changing organization, and things that worked before become bottlenecks.

    Governing roles and committees don’t adjust well, don’t have consistent practices, and lack the right information to make good decisions.

    The research in this section will help you improve and realign your governance practices.

    Once your governance is controlled and optimized you are ready to investigate opportunities to automate.

    This phase of the blueprint will help you determine where it’s feasible to automate and embed governance, understand key governance automation practices, and develop governing business rules to move your journey forward.

    Related Research:

    If you are looking for details on specific associated practices, please see our related research:

    1. I need to establish data governance.
    2. I need to manage my project portfolio, from intake to confirmation of value.
    3. I need better risk information to support decision making.
    4. I need to ensure I am getting the expected outcomes and benefits from IT spend.
    5. I need to prioritize my product backlog or service portfolio.

    Info-Tech’s methodology for building and embedding adaptive governance

    1. Identify Your Governance Needs 2. Select and Refine Your Governance Model 3. Embed and Automate
    Phase Steps
    1. Confirm Mission, Vision, and Goals
    2. Define Scope and Principles
    3. Adjust for Culture and Finalize Context
    1. Select and Refine Your Governance Model
    2. Identify and Document Your Governance Triggers
    3. Build Your Implementation Plan
    1. Identify Decisions to Embed and Automate
    2. Plan Validation and Verification
    3. Update Implementation Plan
    Phase Outcomes
    • Governance context, guiding star, and principles
    • Completed governance model with associated decisions and policies
    • Implementation plan
    • List of automation options
    • Decision logic, rules, and rulesets
    • Validation and verification approach
    • Finalized implementation plan

    Insight summary

    Value

    To remain valuable, I&T governance must actively adapt to changes in your organization, environment, and practices, or it will drive you to failure instead of success.

    Focus

    I&T governance does not focus on the IT department. Rather, its intent is to ensure your organization makes sound decisions around investment in and use of information and technology.

    Maturity

    Your governance approach progresses in stages from ad hoc to automated as your organization matures. Your stage depends on your organizational needs and ways of working.

    Good governance

    Good governance does not equate to control and does not stifle innovation.

    Automation

    Automating governance must be done in stages, based on your capabilities, level of maturity, and amount of usable data.

    Strategy

    Establish the least amount of governance required to allow you to achieve your goals.

    Guiding star

    If you don’t establish a guiding star to align the different stakeholders in your organization, governance practices will create conflict and confusion.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Key Deliverable:
    Governance Framework Model

    The governance framework model provides the design of your new governance model and the organizational context to retain stakeholder alignment and organizational satisfaction with governance.

    The model includes the structures, practices, and responsibilities to drive effective governance in your organization.

    Sample of the key blueprint deliverable 'Governance Framework Model'.

    Governance Implementation Plan

    This roadmap lays out the changes required to implement the governance model, the cultural items that need to be addressed, and anticipated timing.

    Sample of the blueprint deliverable 'Governance Implementation Plan'.

    Governance Committee Charters

    Develop a detail governance charter or term of reference for each governing body. Outline the mandate, responsibilities, membership, process, and associated policies for each.

    Sample of the blueprint deliverable 'Governance Committee Charters'.

    Blueprint benefits

    IT Benefits

    • Stronger, traceable alignment of IT decisions and initiatives to business needs.
    • Improved ability for IT to meet the changing demands and velocity of the business.
    • Better support and enablement of innovation – removing constraints and barriers.
    • Optimized governance that supports and enables modern work practices.
    • Increased value generation from IT initiatives and optimal use of IT resources.
    • Designed adaptability to ensure you remain in alignment as your business and IT environments change.

    Business Benefits

    • Clear transparent focus of IT initiatives on generating strategic business value.
    • Improved ability to measure the value and contribution of IT to business goals.
    • Alignment and integration of business/IT strategy.
    • Optimized development and use of IT capabilities to meet business needs.
    • Improved integration with corporate/enterprise governance.

    Executive Brief Case Study

    INDUSTRY Manufacturing
    SOURCE Info-Tech analyst experience

    Improving the governance approach and delegating decision making to support a change in business operation

    Challenge

    The large, multi-national organization has locations across the world but has two primary headquarters, in Europe and the United States.

    Market shifts drove an organizational shift in strategy, leading to a change in operating models, a product focus, and new work approaches across the organization.

    Much of the implementation and execution was done in isolation, and effectiveness was slowed by poor integration and conflicting activities that worked against each other.

    The product owner role was not well defined.

    Solution

    After reviewing the organization’s challenges and governance approach, we redefined and realigned its organizational and regional goals and identified outcomes that needed to be driven into their strategies.

    We also reviewed their span of control and integration requirements and properly defined decisions that could be made regionally versus globally, so that decisions could be made to support new work practices.

    We defined the product and service owner roles and the decisions each needed to make.

    Results

    We saw an improvement in the alignment of organizational activities and the right people and bodies making decisions.

    Work and practices were aimed at the same key outcomes and alignment between teams toward organizational goal improved.

    Within one year, the success rate of the organization’s initiatives increased by 22%, and the percentage of product-related decisions made by product owners increased by 50%.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 5 and 8 calls over the course of 2 to 3 months.

    What does a typical GI on this topic look like?

      Phase 1: Identify Your Governance Needs

    • Call #1: Confirm your organization’s mission and vision and review your strategy and goals.
    • Call #2: Identify considerations and governance needs. Develop your guiding star and governing principles.
    • Phase 2: Select and Refine Your Model

    • Call #3: Select your base model and optimize it to meet your governance needs.
    • Call #4: Define your adjustment triggers and develop your implementation plan.
    • Phase 3: Embed and Automate

    • Call #5: Identify decisions and standards you can automate and where to embed them.
    • Call #6: Confirm levels of authority and data requirements. Establish your approach and update the implementation plan.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com1-888-670-8889

    Session 1 Session 2 Session 3 Session 4 Session 5
    Activities
    Develop Your Guiding Star

    1.1 Confirm mission, vision, and goals

    1.2 Define scope and principles

    1.3 Adjust for culture and finalize context

    Define the Governance Model

    2.1 Select and refine governance model

    2.2 Confirm and adjust the structure

    2.3 Review and adapt governance responsibilities and activities

    2.4 Validate governance mandates and membership

    Build Governance Process and Policy

    3.1 Update your governance process

    3.2 Align policies to mandate

    3.3 Adjust and confirm your governance model

    3.4 Identify and document your update triggers

    3.5 Embed triggers into review cycle

    Embed and Automate Governance

    4.1 Identify decisions and standards to automate

    4.2 Plan verification and validation approach

    4.3 Build implementation plan

    4.4 Develop communication strategy and messaging

    Next Steps and Wrap-Up

    5.1 Complete in-progress outputs from previous four sessions

    5.2 Set up review time for workshop outputs and to discuss next steps

    Outcomes
    1. Governance context and goals
    2. Governance principles
    1. IT governance model and adjustment triggers
    2. IT governance structure, responsibilities, membership, and cadence
    3. Governance committee charters
    1. IT governance process and information flow
    2. IT governance policies
    3. Finalized governance model
    1. Selected automation options, decision logic, and business rules
    2. Implementation and communication plan
    1. Governance context and principles
    2. Finalized governance model and charters
    3. Finalized implementation plan

    Make Your IT Governance Adaptable

    Phase 1

    Identify your Governance Needs

    Phase 1

    • 1.1 Define Your Guiding Star
    • 1.2 Define Scope and Principles
    • 1.3 Adjust for Culture and Finalize Context

    Phase 2

    • 2.1 Choose and Adapt Your Model
    • 2.2. Identify and Document Your Governance Triggers
    • 2.3 Build Your Implementation Approach

    Phase 3

    • 3.1 Identify Decisions to Embed and Automate
    • 3.2 Plan Validation and Verification
    • 3.3 Update Implementation Plan

    This phase will walk you through the following activities:

    Identify the organization’s goals, mission, and vision that will guide governance.

    Define the scope of your governance model and the principles that will guide how it works.

    Account for organizational attitudes, behaviors, and culture related to governance and finalize your context.

    This phase involves the following participants:

    • Senior IT leadership
    • Governance leads

    Step 1.1

    Define Your Guiding Star

    Activities
    • 1.1.1 Document and interpret your strategy, mission, and vision
    • 1.1.2 Document and interpret the business and IT goals and outcomes
    • 1.1.3 Identify your operating model and work processes

    This step will walk you through the following activities:

    Review your business and IT strategy, mission, and vision to ensure understanding of organizational direction.

    Identify the business and IT goals that governance needs to align.

    Confirm your operating model and any work practices that need to be accounted for in your model.

    This step involves the following participants:

    • Senior IT leadership
    • Governance leads

    Outcomes of this step

    Identified guiding star outcomes to align governance outcomes with

    Defined operating model type and work style that impact governance design

    Identify Your Governance Needs

    Step 1.1 – Define your Guiding Star Step 1.2 – Define Scope and Principles Step 1.3 – Adjust for Culture and Finalize Context

    Govern by intent

    Find the balance for your designed governance approach

    Organic governance occurs during the formation of an organization and shifts with challenges, but it is rarely transparent and understood. It changes your culture in uncontrolled ways. Intentional governance is triggered by changes in organizational needs, working approaches, goals, and structures. It is deliberate and changes your culture to enable success.
    Stock photo of a weight scale.

    Info-Tech Insight

    Your approach to governance needs to be designed, even if your execution of governance is adaptable and delegated.

    What is your guiding star?

    Your guiding star is a combination of your organization’s mission, vision, and strategy and the goals that have been defined to meet them.

    It provides you with a consistent focal point around which I&T-related activities and projects orbit, like planets around a star.

    It generates the gravity that governance uses to keep things from straying too far away from the goal of achieving relevant value.

    1. Mission & Vision
    2. Business Goals & Success Criteria
    3. Operating Model & Work Practices
    4. Governance Scope
    5. Principles

    1.1.1 Document and interpret your strategy, mission, and vision

    30 minutes

    Input: Business strategy, IT strategy, Mission and vision statements

    Output: Updated Governance Workbook, Documented strategic outcomes and organizational aims that governance needs to achieve

    Materials: Whiteboard/flip charts, Governance Workbook

    Participants: IT senior leadership

    1. Gather your available business, digital, and IT strategy, mission, and vision information and document everything in your Governance Workbook. It’s ok if you don’t have all of it.
    2. Review and your mission and vision as a group. Discuss and document key points, including:
      • Which activities do you perform as an organization that embody your vision?
      • What key decisions and behaviors are required to ensure that your mission and vision are achievable?
      • What do you require from leadership to enable you to govern effectively?
      • What are the implications of the mission and vision on how the organization needs to work? What are the implications on decisions around opportunities and risks?

    Download the Governance Workbook

    1.1.2 Document and interpret the business and IT goals and outcomes

    60 minutes

    Input: Business strategy, Business and IT goals and related initiatives

    Output: Required success outcomes for goals, Links between IT and business goals that governance needs to align

    Materials: Whiteboard/flip charts

    Participants: IT senior leadership

    1. Document the business and IT goals that have been created to achieve the mission and vision.
    2. Discuss if there are any gaps between the goals and the mission and vision. Ask yourself – if we accomplish these goals will we have successfully achieved the mission?
    3. For each goal, define what successful achievement of the goal looks like. Starting with one goal or objective, ask:
      • How would I know I am on the right path and how will I know I have gotten there?
      • How would I know if I am not on the right path and what does a bad result look like?
    4. Document your success criteria.
    5. Brainstorm some examples of decisions that support or constrain the achievement of your goals.
    6. Repeat this exercise for your remaining goals.
    7. As a group, map IT goals to business goals.

    What is your operating model and why is it important?

    An IT operating model is a visual representation of the way your IT organization needs to be designed and the capabilities it requires to deliver on the business mission, strategic objectives, and technological ambitions.

    The model is critical in the optimization and alignment of the IT organization’s structure in order to deliver the capabilities required to achieve business goals. It is a key determinant of how governance needs to be designed and where it is implemented.

    Little visualizations of different operating models: 'Centralized', 'Decentralized', and 'Hybrid'.

    1.1.3 Identify your operating model and work practices

    60 minutes

    Input: Organizational structure, Operating model (if available)

    Output: Confirmed operating approach, Defined work practices

    Materials: Whiteboard/flip charts

    Participants: IT senior leadership

    1. Identify the way your organization functions:
      • How do we currently operate? Are we centralized, decentralized or a hybrid? Are we focused on delivering products and services? Do we provide service ourselves or do we use vendors for delivery?
      • Can we achieve our mission, goals, and strategies, if we continue to operate this way? What would we have to change in how we operate to be successful in the future?
    2. Identify your governance needs. Do we need to be more structured or more flexible to support our future ways of working?
      • If you operate in a more traditional way, consider whether you are implementing or moving toward more modern practices (e.g. Agile, DevOps, enterprise service management). Do you need to make more frequent but lower-risk decisions?
      • Is your organization ready to delegate governance culturally and in terms of business understanding? Is there enough available information to support adaptive decisions and actions?
    3. Document your operating style, expected changes in work style, and cultural readiness. You will need to consider the implications on design.

    Step 1.2

    Define Scope and Principles

    Activities
    • 1.2.1 Determine the proper scope for your governance
    • 1.2.2 Confirm your determining governing principles
    • 1.2.3 Develop your specific governing principles

    This step will walk you through the following activities:

    Identify what is included and excluded within the scope of your governance.

    Develop the determining and specific principles that provide guardrails for governance activities and decisions.

    This step involves the following participants:

    • Senior IT leadership
    • Governance leads

    Outcomes of this step

    Documented governance scope and principles to apply

    Identify Your Governance Needs

    Step 1.1 – Define your Guiding Star Step 1.2 – Define Scope and Principles Step 1.3 – Adjust for Culture and Finalize Context

    Define the context for governance

    Based on the goals and principles you defined and the operating model you selected, confirm where oversight will be necessary and at what level. Focus on the necessity to expedite and clear barriers to the achievement of goals and on the ownership of risks and compliance. Some key considerations:

    • Where in the organization will you need to decide on work that needs to be done?
    • What type of work will you need to do?
    • In what areas could there be conflicts in prioritization/resource allocation to address?
    • Who is accountable for risks to the organization and its objectives?
    • Where are your regional or business-unit-specific concerns that require focused local attention?
    • Are we using more agile, rapid delivery methods to produce work?

    Understand your governance scope

    Your governance scope helps you define the boundaries of what your governance model and practices will cover. This includes key characteristics of your organization that impact what governance needs to address.

    Sample Considerations

    • Organizational Span
      • The geographical area the organization operates within. Regional laws and requirements will affect governance delegation and standards/policy development.
    • Level of Regulation
      • Higher levels of regulation create more standards and controls for risk and compliance, impacting how authority can be delegated or automated.
    • Sourcing Model
      • Changing technology sourcing introduces additional vendor governance requirements and may impact compliance and audit.
    • Risk Posture
      • The appetite for risk organizationally, and in pockets, impacts the level of uncertainty you are willing to work within and impact decision-making authority positioning.
    • Size
      • The size of your organization impacts the approach to governance, practice implementation, and delegation of authority.
    • What Is Working Today?
      • Which elements of your current governance approach should be retained, and what are the biggest pain points that need to be addressed?
    (Source: COBIT 2019)

    1.2.1 Determine the proper scope for your governance

    60 minutes

    Input: Context information from Activity 1.1, Scoping areas

    Output: Defined scope and span of control

    Materials: Whiteboard/flip charts

    Participants: IT senior leadership

    1. Determine the scope/span of control required for your governance by:
      • Reviewing your key IT capabilities. Identify the ones where the responsibilities and decisions require oversight to ensure they meet the needs of the organization.
      • Identify what works well or poorly in your current governance approach.
      • Discuss and document the level and type of knowledge and business understanding required.
      • Identify and document any regulations, standards, or laws that apply to your organization/industry and how broadly they have to be applied.
      • Identify the organization’s risk appetite, where known, and areas where acceptable thresholds of risk have been defined. Where are key risk and opportunity decisions made? Who owns risk in your organization?
      • Identify and document the perceived role of the IT group in your organization (e.g. support, innovator, partner) and sourcing model (e.g. insource, outsource).
      • Is there sufficient information and data available in your organization to support effective decision making?

    How should your governance be structured?

    Organizations often have too many governance bodies, creating friction without value. Where that isn’t the case, the bodies are often inefficient, with gaps or overlaps in accountability and authority. Structure your governance to optimize its effectiveness, designing with the intent to have the fewest number of governing bodies to be effective, but no less than is necessary.

    Start with your operating model.

    • Understand what’s different about your governance based on whether your organization in centralized, distributed, or a different model (e.g. hybrid, product).
    • Identify and include governance structures that are mandatory due to regulation or industry.
    • Based on your context, identify how many of your governance activities should be performed together.

    Determine whether your governance should be controlled or adaptive.

    • Do you have the capability to distribute governance and is your organization empowered enough culturally?
    • Do you have sufficient standards and data to leverage? Do you have the tools and capabilities?
    • Identify governance structures that are required due to regulation or industry.

    Info-Tech Insight

    Your approach to governance needs to be designed and structured, even if your execution of governance is adaptable and delegated.

    Identify and Refine your Principles

    Confirm your defining principles based on your selection of controlled or adaptive governance. Create specific principles to clarify boundaries or provide specific guidance for teams within the organization.

    Controlled Adaptive
    Disentangle governance and management Delegate and empower
    Govern toward value Deliver to defined outcomes
    Make risk-informed decisions Embed risk into decision making
    Measure to drive improvement Trust though real-time reporting
    Enforce standards and behavior Automate decision making though established standards

    Determining Principle: Delegate and empower.

    Specific Principle: Decisions should be made at the lowest reasonable level of the organization with clarity.

    Rationale: To govern effectively with the velocity required to address business needs, governance needs to be executed deeper into the organization and organizational goals need to be clearly understood everywhere.

    Implication: Decision making needs to be delegated throughout the organization, so information and data requirements need to be identified, decision-making approach and principles need to be shared, and authority needs to be delegated clearly.

    1.2.2 Confirm your determining governance principles

    30-45 minutes

    Input: Governance Framework Model– Governance Principles

    Output: Governance workbook - Finalized list of determining principles

    Materials: Whiteboard/flip charts, Governance Workbook

    Participants: IT senior leadership

    1. Review the IT governance principles in your Governance Workbook.
    2. Within your IT senior leadership team (or IT governance working group) assign one or two principles to teams of two to three participants. Have each team identify what this would mean for your organization. Answering the questions:
      • In what ways do our current governance practices support this?
      • What are some examples of changes that would need to be made to make this a reality?
      • How would applying this principle improve your governance?
    3. Have each team present their results and compile the findings and implications in the Governance Workbook to use for future communication of the change.

    Specific governing principles

    Specific governing principles are refined principles derived from a determining principle, when additional specificity and detail is necessary. It allows you to define an approach for specific behaviors and activities. Multiple specific principles may underpin the determining one.

    A visualization of a staircase with stairs labelled, bottom to top, 'Determining Principle', 'Rationale', 'Implications', 'Specific Principles'.

    Specific Principles – Related principles that may be required to ensure the implications of the determining principal are addressed within the organization. They may be specific to individual areas and may be addressed in policies.

    Implications – The implications of this principle on the organization, specific to how and where governance is executed and the level of information and authority that would be necessary.

    Rationale – The reason(s) driving the determining principle.

    Determining Principle – A core overarching principle – a defining aspect of your governance model.

    1.2.3 Develop your specific governing principles

    30 minutes

    Input: Updated determining principles

    Output: List of specific principles linked to determining principles

    Materials: Whiteboard/flip charts, Governance Workbook

    Participants: IT senior leadership

    1. Confirm the determining principles for your governance model based on your previous discussions.
    2. Identify where to apply the principles. This is based on:
      1. Your governance scope (how much is within your span of control)
      2. The amount of data you have available
      3. Your cultural readiness for delegation
    3. Create specific principles to support the determining principles:
      1. Document the rationale driving the determining principles.
      2. Identify the implications.
      3. Create specific principles that will support the success in achieving the goals of each determining principle.
    4. Document all information on the “Governance guiding star” slide in the Governance Workbook.

    Download the Governance Workbook

    Step 1.3

    Adjust for Culture and Finalize Context

    Activities
    • 1.3.1 Identify and address the impact of attitude, behavior, and culture
    • 1.3.2 Finalize your context

    This step will walk you through the following activities:

    Identify your organizational attitude, behavior, and culture related to governance.

    Identify positives that can be leveraged and develop means to address negatives.

    Finalize the context that your model will leverage and align to.

    This step involves the following participants:

    • Senior IT leadership
    • Governance leads

    Outcomes of this step

    Downloaded tool ready to select the base governance model for your organization

    Identify Your Governance Needs

    Step 1.1 – Define your Guiding Star Step 1.2 – Define Scope and Principles Step 1.3 – Adjust for Culture and Finalize Context

    Understanding attitude, behavior, and culture

    A

    ttitude

    What people think and feel. It can be seen in their demeanor and how they react to change initiatives, colleagues, and users. This manifests in the belief that governance is a constraint that needs to be avoided or ignored – often with unintended consequences.

    A stock photo of a lightbulb over a person's head and a blackboard behind them reading 'New Mindset - data-verified= New Results'.">

    Any form of organizational change involves adjusting people’s attitudes to create buy-in and commitment.

    You need to identify and address attitudes that can lead to negative behaviors and actions or that are counter-productive.

    Understanding attitude, behavior, and culture

    B

    ehavior

    What people do. This is influenced by attitude and the culture of the organization. In governance, this manifests as people’s willingness to be governed, who pushes back, and who tries to bypass it.

    A stock photo of someone walking up a set of stairs into the distant sunlight.

    To implement change within IT, especially at a tactical and strategic level, organizational behavior needs to change.

    This is relevant because people gravitate toward stability and will resist change in an active or passive way unless you can sell the need, value, and benefit of changing their behavior and way of working.

    Understanding attitude, behavior, and culture

    C

    ulture

    The accepted and understood ways of working in an organization. The values and standards that people find normal and what would be tacitly identified to new resources. In governance terms, this is how decisions are really made and where responsibility really exists rather than what is identified formally.

    A stock photo of a compass pointing to 'VALUES'.

    The impact of the organizational or corporate “attitude” on employee behavior and attitude is often not fully understood.

    Culture is an invisible element, which makes it difficult to identify, but it has a strong impact and must be addressed to successfully embed governance models. In the case of automating governance, cultural readiness for automation is a critical success factor.

    1.3.1 Identify and address the impact of attitude, behavior, and culture

    45 minutes

    Input: Senior leadership knowledge

    Output: Updated Governance Workbook

    Materials: Governance Workbook

    Participants: IT senior leadership

    1. Break into three groups. Each group will discuss and document the positive and negative aspects of one of attitude, behavior, or culture related to governance in your organization.
    2. Each group will present and explain their list to the group.
    3. Add any additional suggestions in each area that are identified by the other groups.
    4. Identify the positive elements of attitude, behavior, and culture that would help with changing or implementing your updated governance model.
    5. Identify any challenges that will need to be addressed for the change to be successful.
    6. As a group, brainstorm some mitigations or solutions to these challenges. Document them in the Governance Workbook to be incorporated into the implementation plan.

    Download the Governance Workbook

    Attitude, behavior, and culture

    Evaluate the organization across the three contexts. The positive items represent opportunities for leveraging these characteristics with the implementation of the governance model, while the negative items must be considered and/or mitigated.

    Attitude Behavior Culture
    Positive
    Negative
    Mitigation

    1.3.2 Finalize your governance context

    30 minutes

    Input: Documented governance principles and scope from previous exercises

    Output: Finalized governance context in the Governance Workbook

    Materials: Whiteboard/flip charts, Governance Workbook

    Participants: IT senior leadership

    1. Use the information that has been gathered throughout this section to update and finalize your IT governance context.
    2. Document it in your Governance Workbook.

    Download the Governance Workbook

    Make Your IT Governance Adaptable

    Phase 2

    Select and Refine Your Governance Model

    Phase 1

    • 1.1 Define Your Guiding Star
    • 1.2 Define Scope and Principles
    • 1.3 Adjust for Culture and Finalize Context

    Phase 2

    • 2.1 Choose and Adapt Your Model
    • 2.2. Identify and Document Your Governance Triggers
    • 2.3 Build Your Implementation Approach

    Phase 3

    • 3.1 Identify Decisions to Embed and Automate
    • 3.2 Plan Validation and Verification
    • 3.3 Update Implementation Plan

    This phase will walk you through the following activities:

    Select a base governance model and refine it to suit your organization.

    Identify scenarios and changes that will trigger updates to your governance model.

    Build your implementation plan.

    This phase involves the following participants:

    • Senior IT leadership
    • Governance resources

    Step 2.1

    Choose and Adapt Your Model

    Activities
    • 2.1.1 Choose your base governance model
    • 2.1.2 Confirm and adjust the structure of your model
    • 2.1.3 Define the governance responsibilities
    • 2.1.4 Validate the governance mandates and membership
    • 2.1.5 Update your committee processes
    • 2.1.6 Adjust your associated policies
    • 2.1.7 Adjust and confirm your governance model

    This step will walk you through the following activities:

    Review and selecting your base governance model.

    Adjust the structure, responsibilities, policies, mandate, and membership to best support your organization.

    This step involves the following participants:

    • Senior IT leadership
    • Governance leads

    Outcomes of this step

    Downloaded tool ready to select the base governance model for your organization

    Select and Refine Your Governance Model

    Step 2.1 – Choose and Adapt Your Model Step 2.2 – Identify and Document Your Governance Triggers Step 2.3 – Build Implementation Approach

    Your governance framework has six key components

    GOVERNANCE FRAMEWORK

    • GUIDELINES
      The key behavioral factors that ground your governance framework
    • MEMBERSHIP
      Formalization of who has authority and accountability to make specific governance decisions
    • RESPONSIBILITIES
      The definition of which decisions and outcomes your governance structure and each governance body is accountable for
    • STRUCTURE
      Which governance bodies and roles are in place to articulate where decisions are made in the organization
    • PROCESS
      Identification of the how your governance will be executed, how decisions are made, and the inputs, outputs, and connections to related processes
    • POLICY
      Set of principles established to address risk and drive expected and required behavior

    4 layers of governance bodies

    There are traditionally 4 layers of governance in an enterprise, and organizations have governing bodies or individuals at each level

    RESPONSIBILITIES AND TYPICAL MEMBERSHIP
    ENTERPRISE Defines organizational goals. Directs or regulates the performance and behavior of the enterprise, ensuring it has the structure and capabilities to achieve its goals.

    Membership: Business executives, Board

    STRATEGIC Ensures IT initiatives, products, and services are aligned to organizational goals and strategy and provide expected value. Ensure adherence to key principles.

    Membership: Business executives, CIO, CDO

    TACTICAL Ensures key activities and planning are in place to execute strategic initiatives.

    Membership: Authorized division leadership, related IT leadership

    OPERATIONAL Ensures effective execution of day-to-day functions and practices to meet their key objectives.

    Membership: Service/product owners, process owners, architecture leadership, directors, managers

    2.1.1 Choose your base governance model

    30 minutes

    Input: Governance models templates

    Output: Selected governance model

    Materials: Whiteboard/flip charts

    Participants: IT senior leadership

    1. Download Info-Tech’s base governance models (Controlled Governance Models Template and IT Governance Program Overview) and review them to find a template that most closely matches your context from Phase 1. You can start with a centralized, decentralized, or product/service hybrid IT organization. Remove unneeded models.
    2. If you do not have documented governance today, start with a controlled model as your foundation. Continue working through this phase if you have a documented governance framework you wish to optimize using our best practices or move to Phase 3 if you are looking to automate or embed your governance activities.

    Controlled Governance Models Template

    Adaptive Governance Models Template

    2.1.2 Confirm and adjust the structure of your model

    30-45 minutes

    Input: Selected base governance model, Governance context/scope

    Output: Updated governance bodies and relationships

    Materials: Whiteboard/flip charts

    Participants: IT senior leadership

    1. Validate your selected governance body structural model.
      • Are there any governing bodies you must maintain that should replace the ones listed? In part or in full?
      • Are there any missing bodies? Look at alternative committees for examples.
      • Document the adjustments.
    2. Are there any governing bodies that are not required?
      • Based on your size and needs, can they be done within one committee?
      • Is the capability or data not in place to perform the work?
      • Document the required changes.

    There are five key areas of governance responsibility

    A cyclical visualization of the five keys areas of governance responsibility, 'Strategic Alignment', 'Value Delivery', 'Risk Management', 'Resource Management', and 'Performance Measurement'.

    STRATEGIC ALIGNMENT
    Ensures that technology investments and portfolios are aligned with the organization’s needs.

    VALUE DELIVERY
    Reviews the outcomes of technology investments and portfolios to ensure benefits realization.

    RISK MANAGEMENT
    Defines and owns the risk thresholds and register to ensure that decisions made are in line with the posture of the organization.

    RESOURCE MANAGEMENT
    Ensures that people, financial knowledge, and technology resources are appropriately allocated across the organization.

    PERFORMANCE MEASUREMENT
    Monitors and directs the performance or technology investments to determine corrective actions and understand successes.

    2.1.3 Define the governance responsibilities

    Ensure you have the right responsibilities in the right place

    45-60 minutes

    Input: Selected governance base model, Governance context

    Output: Updated responsibilities and activities, Updated activities for selected governance bodies, New or removed governing bodies

    Materials: Whiteboard/flip charts

    Participants: IT senior leadership

    1. Based on your context and model, review the responsibilities identified for each committee and confirm that they align with the mandate and the stated outcome.
    2. Identify and highlight any responsibilities and activities that would not be involved in informing and enabling the mandate of the committee.
    3. Adjust the wording of confirmed responsibilities and activities to reflect your organizational language.
    4. Review each highlighted “bad fit” activity and move it to a committee whose mandate it would support or remove it if it’s not performed in your organization.
    5. If an additional committee is required, define the mandate and scope, then include any additional responsibilities that might have been a bad fit elsewhere

    2.1.4 Validate the governance mandates and membership

    30 minutes

    Input: Selected governance base model, Updated structure and responsibilities

    Output: Adjusted mandates and refined committee membership

    Materials: Whiteboard/flip charts

    Participants: IT senior leadership

    1. Review the mandate and membership slides in your selected governance model.
    2. Adjust the mandate to ensure that it aligns to and conveys:
      1. The outcome that the committee is meant to generate for the organization.
      2. Its scope/span of control.
    3. Discuss the type of information members would require for the committee to be successful in achieving its mandate.
    4. Document the member knowledge requirement in the mandate slide of the model template.

    Determine the right membership for your governance

    One of the biggest benefits of governance committees is the perspective provided by people from various parts of the organization, which helps to ensure technology investments are aligned with strategic goals. However, having too many people – or the wrong people – involved prevents the committee from being effective. Avoid this by following these principles.

    Three principles for selecting committee membership

    1. Determine membership based on responsibilities and required knowledge.
      Organizations often make the mistake of creating committees and selecting members before defining what they will do. This results in poor governance because members don’t have the knowledge required to make decisions. Define the mandate of the committee to determine which members are the right fit.
    2. Ensure members are accountable and authorized to make the decisions.
      Effective governance requires the members to have the authority and accountability to make decisions. This ensures meetings achieve their outcome and produce value, which improves the committee’s chances of survival.
    3. Select leaders who see the big picture.
      Often committee decisions and responsibilities become tangled in the web of organizational politics. Include people, often C-level, whose attendance is critical and who have the requisite knowledge, mindset, and understanding to put business needs ahead of their own.

    2.1.5 Update your committee processes

    20 minutes

    Input: Selected governance base model, Updated structure and responsibilities

    Output: Updated committee processes

    Materials: Whiteboard/flip charts

    Participants: IT senior leadership

    1. Review the committee details based on the changes you have made in goals, mandate, and responsibilities.
    2. Identify and document changes required to the committee outputs (outcomes) and adjust the consumer of the outputs to match.
    3. Review the high-level process steps required to get to the modified output. Add required activities or remove unnecessary ones. Review the process flow. Does it make sense? Are there unnecessary steps?
    4. Review and update inputs required for the process steps and update the information/data sources.
    5. Adjust the detailed process steps to reflect the work that needs to be done to support each high-level process step that changed.

    2.1.6 Adjust your associated policies

    20 minutes

    Input: Selected governance base model, Updated structure and responsibilities

    Output: Adjusted mandates and refined committee membership

    Materials: Whiteboard/flip charts

    Participants: IT senior leadership

    1. Review the policies associated with the governing bodies in your base model. Identify the policies that apply to your organization, those that are missing, and those that are not necessary.
    2. Confirm the policies that you require.
    3. Make sure the policies and policy purposes (or risks and related behaviors the policy addresses) are matched to the governance committee that has responsibilities in that area. Move policies to the right committee.

    2.1.7 Adjust and confirm your governance model

    1. Confirm the adjustment of governance bodies, structure, and input/output linkages.
    2. Confirm revisions to decisions and responsibilities.
    3. Confirm policy and regulation/standards associations.
    4. Select related governance committee charters from the provided set and revise the charters to reflect the elements defined in your updated model.
    5. Finalize your governance model.

    Samples of slides related to adjusting and confirming governance models in the Governance Workbook.

    Step 2.2

    Identify and Document Your Governance Triggers

    Activities
    • 2.2.1 Identify and document update triggers
    • 2.2.2 Embed triggers into the review cycle

    This step will walk you through the following activities:

    Identify scenarios that will create a need to review or change your governance model.

    Update your review/update approach to receiving trigger notifications.

    This step involves the following participants:

    • Senior IT leadership
    • Governance leads

    Outcomes of this step

    Downloaded tool ready to select the base governance model for your organization

    Select and Refine Your Governance Model

    Step 2.1 – Choose and Adapt Your Model Step 2.2 – Identify and Document Your Governance Triggers Step 2.3 – Build Implementation Approach

    What are governance triggers

    Governance triggers are organizational or environmental changes within or around an organization that are inflection points that start the review and revision of governance models to maintain their fit with the organization. This is the key to adaptive governance design.

    A target with five arrows sticking out of the bullseye, 'Operating Model', 'Business Strategy', 'Mandate Change', 'Management Practices', and 'Digital Transformation'.

    2.2.1 Identify and document update triggers

    30 minutes

    Input: Governance Workbook

    Output: Updated workbook with defined and documented governance triggers, points of origin, and integration

    Materials: Whiteboard/flip charts

    Participants: IT senior leadership

    1. Open the Governance Workbook to the “Triggers” slides.
    2. Review the list of governance triggers. Retain the ones that apply to your organization, remove those you feel are unnecessary, and add any change scenarios you feel should be included.
    3. Identify where you would receive notifications of these changes and the related processes or activities that would generate these notifications, if applicable.
    4. Document any points of integration required between governance processes and the source process. Highlight any where the integration is not currently in place.

    Sample of the 'Triggers' slide in the Governance Workbook.

    2.2.2 Embed triggers into the review cycle

    30 minutes

    Input: Governance model

    Output: Review cycle update

    Materials: Whiteboard/flip charts

    Participants: IT senior leadership

    1. Identify which triggers impact the entire governance model and which impact specific committees.
    2. Add an activity for triggered review of the impacted governance model into your governance committee process.

    Step 2.3

    Build Your Implementation Approach

    Activities
    • 2.3.1 Identify and document your implementation plan
    • 2.3.2 Build your roadmap
    • 2.3.3 Build your sunshine diagram

    This step will walk you through the following activities:

    Transfer changes to the Governance Implementation Plan Template.

    Determine the timing for the implementation phases.

    This step involves the following participants:

    • Senior IT leadership
    • Governance process owner

    Outcomes of this step

    Implementation plan for adaptive governance framework model

    Select and Refine Your Governance Model
    Step 2.1 – Choose and Adapt Your Model Step 2.2 – Identify and Document Your Governance Triggers Step 2.3 – Build Implementation Approach

    2.3.1 Identify and document your implementation plan

    60 minutes

    Input: Governance model, Guiding principles, Update triggers, Cultural factors and mitigations

    Output: Implementation roadmap

    Materials: Whiteboard/flip charts

    Participants: IT senior leadership

    1. As a group, discuss the changes required to implement the governance model, the cultural items that need to be addressed, and the anticipated timing.
    2. Document the implementation activities and consolidate them into groupings/themes based on similarities or shared outcomes.
    3. Name the grouped themes for clarity and identify key dependencies between activities in each area and across themes.
    4. Identify and document your approach (e.g. continuous, phased) and high-level timeline for implementation.
    5. Document the themes and initiatives in the Governance Implementation Plan.

    Download the Governance Implementation Plan

    Illustrate the implementation plan using roadmaps

    Info-Tech recommends two different methods to roadmap the initiatives in your Governance Implementation Plan.

    Gantt Chart
    Sample of a Gantt Chart.

    This type of roadmap depicts themes, related initiatives, the associated goals, and exact start and end dates for each initiative. This diagram is useful for outlining a larger number of activities and initiatives and has an easily digestible and repeatable format.

    Sunshine Diagram
    Sample of a Sunshine Diagram.

    This type of roadmap depicts themes and their associated initiatives. The start and end dates for the initiatives are approximated based on years or phases. This diagram is useful for highlighting key initiatives on one page.

    2.3.2 Build your roadmap

    30 minutes

    Input: Governance themes and initiatives

    Output: roadmap visual

    Materials: Governance Roadmap Workbook, Governance Workbook

    Participants: CIO, IT senior leadership

    1. Open the Governance Implementation Plan and review themes and initiatives.
    2. Open the Governance Roadmap Workbook.
    3. Discuss whether the implementation roadmap should be developed as a Gantt chart, a sunshine diagram, or both.
      For the Gantt chart:
      • Input the roadmap start year and date.
      • Change the months and year in the Gantt chart to reflect the same roadmap start year.
      • Input and populate the planned start and end dates for the list of high-priority initiatives.

    Develop your Gantt chart in the Governance Roadmap Workbook

    2.3.3 Build your sunshine diagram

    30 minutes

    Input: Governance themes and initiatives

    Output: Sunshine diagram visual

    Materials: Whiteboard/flip charts, Markers, Governance Implementation Plan

    Participants: CIO, IT senior leadership

    1. Review your list of themes and initiatives.
    2. Build a model with “rays” radiating out from a central theme or objective.
    3. Using curved arcs, break the grid into timeline periods or phases.
    4. Complete your sunshine diagram in the Governance Implementation Plan.

    Customize your sunshine diagram in the Governance Implementation Plan

    Make Your IT Governance Adaptable

    Phase 3

    Embed and Automate

    Phase 1

    • 1.1 Define Your Guiding Star
    • 1.2 Define Scope and Principles
    • 1.3 Adjust for Culture and Finalize Context

    Phase 2

    • 2.1 Choose and Adapt Your Model
    • 2.2. Identify and Document Your Governance Triggers
    • 2.3 Build Your Implementation Approach

    Phase 3

    • 3.1 Identify Decisions to Embed and Automate
    • 3.2 Plan Validation and Verification
    • 3.3 Update Implementation Plan

    This phase will walk you through the following activities:

    Identify which decisions you are ready to automate.

    Identify standards and policies that can be embedded and automated.

    Identify integration points.

    Confirm data requirements to enable success.

    This phase involves the following participants:

    • IT senior leadership
    • Governance process owner
    • Product and service owners
    • Policy owners

    Step 3.1

    Identify Decisions to Embed and Automate

    Activities
    • 3.1.1 Review governance decisions and standards and the required level of authority
    • 3.1.2 Build your decision logic
    • 3.1.3 identify constraints and mitigation approaches
    • 3.1.4 Develop decision rules and principles

    This step will walk you through the following activities:

    Identify your key decisions.

    Develop your decision logic.

    Confirm decisions that could be automated.

    Identify and address constraints.

    Develop decision rules and principles.

    This step involves the following participants:

    • IT senior leadership

    Outcomes of this step

    Developed decision rules, rulesets, and principles that can be leveraged to automate governance

    Defined integration points

    Embed and Automate

    Step 3.1 – Identify Decisions to Embed and Automate Step 3.2 – Plan Validation and Verification Step 3.3 – Update Implementation Plan

    What is decision automation?

    Decision automation is the codifying of rules that connect the logic of how decisions are made with the data required to make those decisions. This is then embedded and automated into processes and the design of products and services.

    • It is well suited to governance where the same types of decisions are made on a recurring basis, using the same set of data. It requires clean, high-quality data to be effective.
    • Improvements in artificial intelligence (AI) and machine learning (ML) have allowed the creation of scenarios where a hybrid of rules and learning can improve decision outcomes.

    Key Considerations

    • Data Availability
    • Legality
    • Contingencies
    • Decision Transparency
    • Data Quality
    • Auditability

    How complexity impacts decisions

    Decision complexity impacts the type of rule(s) you create and the amount of data required. It also helps define where or if decisions can be automated.

    1. SIMPLE
      Known and repeatable with consistent and familiar outcomes – structured, causal, and easy to standardize and automate.
    2. COMPLICATED
      Less known and outcomes are not consistently repeatable. Expertise can drive standards and guidelines that can be used to automate decisions.
    3. COMPLEX
      Unknown and new, highly uncertain in terms of outcomes, impact, and data. Requires more exploration and data. Difficult to automate but can be built into the design of products and services.
    4. CHAOTIC
      Unstructured and unknown situation. Requires adaptive and immediate action without active data – requires retained human governance
    5. (Based on Dave Snowden’s Cynefin framework)

    Governance Automation Criteria Checklist

    The Governance Automation Criteria Checklist provides a view of key considerations for determining whether a governing activity or decision is a good candidate for automation.

    The criteria identify key qualifiers/disqualifiers to make it easier to identify eligibility.

    Sample of the Governance Automation Criteria Checklist.

    Download the Governance Automation Criteria Checklist

    Governance Automation Worksheet

    Sample of the Governance Automation Worksheet.

    The Governance Automation Worksheet provides a way to document your governance and systematically identify information about the decisions to help determine if automation is possible.

    From there, decision rules, logic, and rulesets can be designed in support of building a structure flow to allow for automation.

    Download the Governance Automation Worksheet

    3.1.1 Review governance decisions and standards and the required level of authority

    30 minutes

    Input: Automation Criteria Checklist, Governance Automation Worksheet, Updated governance model

    Output: Documented decisions and related authority, Selected options for automation, Updated Governance Automation Worksheet

    Materials: Whiteboard/flip charts, Governance Automation Worksheet

    Participants: IT senior leadership

    1. Identify the decisions that are made within each committee in your updated governance model and document them in the Governance Automation Worksheet.
    2. Confirm the level of authority required to make each decision.
    3. Review the automation checklist to confirm whether each decision is positioned well for automation.
    4. Select and document the decisions that are the strongest options for automation/embedding and document them in the Governance Automation Worksheet.

    What are decision rules?

    Decision rules provide specific instructions and constraints that must be considered in making decisions and are critical for automating governance.

    They provide the logical path to assess governance inputs to make effective decisions with positive business outputs.

    Inputs would include key information such as known risks, your defined prioritization matrix, portfolio value scoring, and compliance controls.

    Individual rules can be leveraged in different places.

    Some decision rule types are listed here.

    1. Statement Rules
      Natural expression of logical progression, written through logical elements
    2. Decision Tree Rules
      Decision tree with two axes that overlap to generate a decision
    3. Sequential Rules
      A sequence of decisions that move from one step to the next
    4. Expression Rule
      A particular set of rules triggered by a particular rule condition being met
    5. Truth table rules
      Combines many decision factors into one place; produces different outputs

    What are decision rulesets

    Rulesets are created to make complex decisions. Individual rule types are combined to create rulesets that are applied together to generate effective decisions. One rule will provide contextual information required for additional rules to execute in a Rule-Result-Rule-Result-Rule-Decision flow.

    A visualization of two separate rulesets made up of the decision rules on the previous slide. 'Ruleset 1' contains '1) Statement Rules', '2) Decision Tree Rules', and 5) Truth Table Rules'. 'Ruleset 2' contains '3) Sequential Rules' and '4) Expression Rule'.

    3.1.2 Build your decision logic

    30 minutes

    Input: Governance Automation Worksheet

    Output: Documented decision logic to support selected decision types and data requirements

    Materials: Whiteboard/flip charts

    Participants: IT senior leadership

    1. For each selected decision, identify the principles that drive the considerations around the decision.
    2. For each decision, develop the decision logic by defining the steps and information inputs involved in making the decision and documenting the flow from beginning to end.
    3. Determine whether this is one specific decision or a combination of different decisions (in sequence or based on decisions).
    4. Name your decision rule.

    Sample of the Governance Automation Worksheet.

    3.1.3 Identify constraints and mitigation approaches

    60 minutes
    1. Document constraints to automation of decisions related to:
      • Availability of decision automation tools
      • Decision authority change requirements
      • Data constraints
      • Knowledge requirements
      • Process adjustment requirements
      • Product/service design levels
    2. Brainstorm and identify approaches to mitigate constraints and score based on likelihood of success.
    3. Identify mitigation owners and initial timeline expectations.
    4. Document the constraints and mitigations in the Governance Workbook on the constraints and mitigations slide.

    Sample of the 'Constraints and mitigations' slide of the 'Governance Workbook'.

    3.1.4 Develop decision rules and principles

    1.5-2 hours

    Input: Governance Automation Worksheet

    Output: Defined decision integration points, Confirmed data availability sets, Decision rules, rulesets, and principles with control indicators

    Materials: Whiteboard/flip charts, Governance Automation Worksheet

    Participants: IT senior leadership

    1. Review the decision logic for those decisions that you have confirmed for automation. Identify the processes where the decision should be executed.
    2. Associate each decision with specific process steps or stages or how it would be included in software/product design.
    3. For each selected decision, identify the availability of data required to support the decision logic and the level of complexity and apply governing principles.
    4. Create the decision rules and identify data gaps.
    5. Define the decision flow and create rulesets as needed.
    6. Confirm automation requirements and define control indicators.

    Step 3.2

    Plan Validation and Verification

    Activities
    • 3.2.1 Define verification approach for embedded and automated governance
    • 3.2.2 Define validation approach for embedded and automated governance

    This step will walk you through the following activities:

    Define how decision outcomes will be measured.

    Determine how the effectiveness of automated governance will be reported.

    This step involves the following participants:

    • IT senior leadership

    Outcomes of this step

    Tested and verified automation of decisions

    Embed and Automate

    Step 3.1 – Identify Decisions to Embed and Automate Step 3.2 – Plan Validation and Verification Step 3.3 – Update Implementation Plan

    Decision rule relationship through to verification

    1. Rules

    Focus on clear decision logic

    Often represented in simple statement types and supported by data:

    IF – THEN

    IF – AND – THEN

    IF – AND NOT – THEN

    2. Rulesets

    Aggregate rules for more complex decisions

    Integrated flows between different required rules:
    Rule 1:
    (Output 1) – Rule 2
    (Output 2) – Rule 6
    Rule 6: (Output 1) – Rule 7
    3. Rule Attestation

    Verify success of automated decisions

    Attestation of embedded and automated rules with key control indicators embedded within process and products.

    Principles embedded into automated software controls.

    3.2.1 Define verification approach for embedded and automated governance

    60 minutes

    Input: Governance rules and rulesets as defined in the Governance Automation Worksheet, Defined decision outcomes

    Output: A defined measurement of effective decision outcomes, Approach to automate and/or report the effectiveness of automated governance

    Materials: Whiteboard/flip charts

    Participants: IT senior leadership

    Verify

    1. Confirm expected outcome of rules.
    2. Select a sampling of new required decisions or recently performed decisions related to areas of automation.
    3. Run the decisions through the decision rules or rule groupings that were developed and compare to parallel decisions made using the traditional approach. (These must be segregated activities.)
    4. Review the outcome of the rules and adjust based on the output. Identify areas of adjustment. Confirm that the automation meets your requirements.

    3.2.2 Define validation approach for embedded and automated governance

    60 minutes

    Input: Governance rules and rulesets as defined in the Governance Automation Worksheet, Defined decision outcomes

    Output: Defined assurance and attestation requirements, Key control indicators that can be automated

    Materials: Whiteboard/flip charts

    Participants: IT senior leadership

    Validate

    1. Develop an approach to measure automated decisions. Align success criteria to current governance KPIs and metrics.
    2. If no such metrics exist, define expected outcome. Define key risk indicators based on the expected points of automation.
    3. Establish quality assurance checkpoints within the delivery lifecycles to adjust for variance.
    4. Create triggers back to rule owners to drive changes and improvements to rules and rule groupings.

    Step 3.3

    Update Implementation Plan

    Activities
    • 3.3.1 Finalize the implementation plan

    This step will walk you through the following activities:

    Review implications and mitigations to make sure all have been considered.

    Finalize the implementation plan and roadmap.

    This step involves the following participants:

    • Senior IT leadership

    Outcomes of this step

    Completed Governance implementation plan and roadmap

    Embed and Automate

    Step 3.1 – Identify Decisions to Embed and Automate Step 3.2 – Plan Validation and Verification Step 3.3 – Update Implementation Plan

    3.3.1 Finalize the implementation plan

    30 minutes

    Input: Governance workbook, Updated governance model, Draft implementation plan and roadmap

    Output: Finalized implementation plan and roadmap

    Materials: Whiteboard/flip charts, Governance Implementation Plan

    Participants: IT senior leadership

    1. Document automation activities within phases in a governance automation theme in the Governance Implementation Plan.
    2. Review timelines in the implementation plan and where automation fits within the roadmap.
    3. Updated the implementation plan and roadmap.

    Governance Implementation Plan

    Summary of Accomplishment

    Problem Solved

    Through this project we have:

    • Improved your governance model to ensure a better fit for your organization, while creating adaptivity for the future.
    • Ensured your governance operates as an enabler of success with the proper bodies and levels of authority established.
    • Established triggers to ensure your governance model is actively adjusted to maintain its fit.
    • Developed a plan to embed and automate governance.
    • Created decision rules and principles and identified where to embed them within your practices.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    Additional Support

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Photo of Valence Howden.

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.

    Info-Tech analysts will join you and your team at your location or welcome you to Info-Tech’s historic Toronto office to participate in an innovative onsite workshop.

    Related Info-Tech Research

    Improve IT Governance to Drive Business Results

    Avoid bureaucracy and achieve alignment with a minimalist approach. Align with your organizational context.

    Establish Data Governance

    Establish data trust and accountability with strong governance.

    Maximize Business Value From IT Through Benefits Realization

    Embed value and alignment confirmation into your governance to ensure you optimize IT value achievement for resource spend.

    Build a Better Product Owner

    Strengthen the product/service owner role in your organization by focusing on core capabilities and proper alignment.

    Research contributors and experts

    Photo of Sidney Hodgson, Senior Director, Industry, Info-Tech Research Group. Sidney Hodgson
    Senior Director, Industry
    Info-Tech Research Group
    • Sidney has over 30 years of experience in IT leadership roles as CIO of three organizations in Canada and the US as well as international consulting experience in the US and Asia.
    • Sid has a breadth of knowledge in IT governance, project management, strategic and operational planning, enterprise architecture, business process re-engineering, IT cost reduction, and IT turnaround management.
    Photo of David Tomljenovic, Principal Research Advisor, Industry, Info-Tech Research Group. David Tomljenovic
    Principal Research Advisor, Industry
    Info-Tech Research Group
    • David brings extensive experience from the Financial Services sector, having worked 25 years on Bay Street. Most recently he was a Corporate Finance and Strategy Advisor for Infiniti Labs (Toronto/Hong Kong), Automotive, and Smart City Accelerator, where he provided financial and mergers & acquisitions advisory services to accelerator participants with a focus on early-stage fundraising activities.

    Research contributors and experts

    Photo of Cole Cioran, Practice Lead, Applications and Agile Development, Info-Tech Research Group. Cole Cioran
    Practice Lead, Applications and Agile Development
    Info-Tech Research Group
    • Over the past 25 years, Cole has developed software; designed data, infrastructure, and software solutions; defined systems and enterprise architectures; delivered enterprise-wide programs; and managed software development, infrastructure, and business systems analysis practices.
    Photo of Crystal Singh, Research Director, Applications – Data and Information Management, Info-Tech Research Group. Crystal Singh
    Research Director, Applications – Data and Information Management
    Info-Tech Research Group
    • Crystal brings a diverse and global perspective to her role, drawing from her professional experiences in various industries and locations. Prior to joining Info-Tech, Crystal led the Enterprise Data Services function at Rogers Communications, one of Canada’s leading telecommunications companies.

    Research contributors and experts

    Photo of Carlene McCubbin, Practice Lead, CIO, Info-Tech Research Group. Carlene McCubbin
    Practice Lead, CIO
    Info-Tech Research Group
    • Carlene covers key topics in organization and leadership and specializes in governance, organizational design, relationship management, and human capital development. She led the development of Info-Tech’s Organization and Leadership practice.
    Photo of Denis Goulet, Senior Workshop Director, Info-Tech Research Group. Denis Goulet
    Senior Workshop Director
    Info-Tech Research Group
    • Denis is a transformational leader and experienced strategist who focuses on helping clients communicate, relate, and adapt for success. Having developed Governance Model and IT strategies in organizations ranging from small to billion-dollar multi-nationals, he firmly believes in a collaborative value-driven approach to work.

    Bibliography

    “2020 State of Data Governance and Automation Report.” Erwin.com, 28 Jan. 2020. Web.

    “Adaptive IT Governance.” Google search, 15 Nov. 2020.

    “Adaptive IT Governance Framework.” CIO Index, 3 Nov. 2011. Accessed 15 Nov. 2020.

    “Agile Governance Made Easy.” Agilist, n.d. Accessed 15 Nov. 2020.

    “Automating Governance — Our Work.” Humanising Machine Intelligence, n.d. Accessed 15 Nov. 2020.

    “Automation – Decisions.” IBM, 2020. Accessed 15 Oct. 2020.

    Chang, Charlotte. “Accelerating Agile through effective governance.” Medium, 22 Sept. 2020. Web.

    “COBIT 5: Enabling Processes.” ISACA, 2012. Web. Oct. 2016.

    COBIT 2019. ISACA, Dec. 2018. Web.

    Curtis, Blake. “The Value of IT Governance.” ISACA, 29 June 2020. Accessed 15 Nov. 2020.

    De Smet, Aaron. “Three Keys to Faster, Better Decisions.” McKinsey & Company, 1 May 2019. Accessed 15 Nov. 2020.

    “Decision Rules and Decision Analysis.” Navex Global, 2020. Web.

    “Decisions Automation with Business Rules Management Solution.” Sumerge, 4 Feb. 2020. Accessed 15 Nov. 2020.

    “DevGovOps – Key factors for IT governance for enterprises in a DevOps world.” Capgemini, 27 Sept. 2019. Web.

    Eisenstein, Lena. “IT Governance Checklist.” BoardEffect, 19 Feb. 2020. Accessed 15 Nov. 2020.

    “Establishing Effective IT and Data Governance.” Chartered Professional Accountants Canada, n.d. Accessed 15 Nov. 2020.

    Gandzeichuk, Ilya. “Augmented Analytics: From Decision Support To Intelligent Decision-Making.” Forbes, 8 Jan. 2020. Accessed 15 Nov. 2020.

    Georgescu, Vlad. “What Is IT Governance? Understanding From First Principles.” Plutora, 18 Oct. 2019. Web.

    Goodwin, Bill. “IT Governance in the Era of Shadow IT.” ComputerWeekly, 5 Aug. 2014. Accessed 15 Nov. 2020.

    “Governance of IT, OT and IOT.” ISACA Journal, 2019. Web.

    Gritsenko, Daria, and Matthew Wood. “Algorithmic Governance: A Modes of Governance Approach.” Regulation & Governance, 10 Nov. 2020. Web.

    Hansert, Philipp. “Adaptive IT Governance with Clausmark’s Bee4IT.” Bee360, 25 Oct. 2019. Accessed 15 Nov. 2020.

    Havelock, Kylie. “What Does Good Product Governance Look Like?” Medium. 8 Jan. 2020. Web.

    Haven, Dolf van der. “Governance of IT with ISO 38500 - A More Detailed View” LinkedIn article, 24 Oct. 2016. Accessed 15 Nov. 2020.

    Hong, Sounman, and Sanghyun Lee. “Adaptive Governance and Decentralization: Evidence from Regulation of the Sharing Economy in Multi-Level Governance.” Government Information Quarterly, vol. 35, no. 2, April 2018, pp. 299–305. Web.

    ISACA. “Monthly Seminar & Networking Dinner: CIO Dashboard.” Cvent, Feb. 2012. Accessed 15 Nov. 2020.

    ISO/IEC 38500, ISO, 2018 and ongoing.

    “IT Governance.” Kenway Consulting, n.d. Accessed 15 Nov. 2020.

    “IT Governance in the Age of COVID 19.” Union of Arab Banks Webinar, 19-21 Oct. 2020. Accessed 15 Nov. 2020.

    Jaffe, Dennis T. “Introducing the Seven Pillars of Governance.” Triple Pundit, 15 Nov. 2011. Accessed 15 Nov. 2020.

    Janssen, Marijn, and Haiko van der Voort. “Agile and Adaptive Governance in Crisis Response: Lessons from the COVID-19 Pandemic.” International Journal of Information Management, vol. 55, December 2020. Web.

    Jodya, Tiffany. “Automating Enterprise Governance within Delivery Pipelines.” Harness.io, 14 May 2020. Web.

    Kumar, Sarvesh. “AI-Based Decision-Making Automation.” Singular Intelligence, 17 June 2019. Web.

    “Lean IT Governance.” Disciplined Agile, n.d. Accessed 15 Nov. 2020.

    Lerner, Mark. “Government Tech Projects Fail by Default. It Doesn’t Have to Be This Way.” Belfer Center for Science and International Affairs, 21 Oct. 2020. Accessed 15 Nov. 2020.

    Levstek, Aleš, Tomaž Hovelja, and Andreja Pucihar. “IT Governance Mechanisms and Contingency Factors: Towards an Adaptive IT Governance Model.” Organizacija, vol. 51, no. 4, Nov. 2018. Web.

    Maccani, Giovanni, et al. “An Emerging Typology of IT Governance Structural Mechanisms in Smart Cities.” Government Information Quarterly, vol. 37, no. 4, Oct. 2020. Web.

    Magowan, Kirstie. “IT Governance vs IT Management: Mastering the Differences.” BMC Blogs, 18 May 2020. Accessed 15 Nov. 2020.

    Mazmanian, Adam. “Is It Time to Rethink IT Governance? ” Washington Technology, 26 Oct. 2020. Accessed 15 Nov. 2020.

    Mukherjee, Jayanto. “6 Components of an Automation (DevOps) Governance Model.” Sogeti, n.d. Accessed 15 Nov. 2020.

    Ng, Cindy. “The Difference Between Data Governance and IT Governance.” Inside Out Security, updated 17 June 2020. Web.

    Pearson, Garry. “Agile or Adaptive Governance Required?” Taking Care of the Present (blog), 30 Oct. 2020. Accessed 15 Nov. 2020.

    Peregrine, Michael, et al. “The Long-Term Impact of the Pandemic on Corporate Governance.” Harvard Law School Forum on Corporate Governance, 16 July 2020. Web.

    Raymond, Louis, et al. “Determinants and Outcomes of IT Governance in Manufacturing SMEs: A Strategic IT Management Perspective.” International Journal of Accounting Information Systems, vol. 35, December 2019. Web.

    Rentrop, Christopher. “Adaptive IT Governance – Foundation of a Successful Digitalization.” Business IT Cooperation Coordination Controlling (blog). May 2, 2018. Web.

    Schultz, Lisen, et al. “Adaptive Governance, Ecosystem Management, and Natural Capital.” Proceedings of the National Academy of Sciences, vol. 112, no. 24, 2015, pp. 7369–74. Web.

    Selig, Gad J. Implementing IT Governance: A Practical Guide to Global Best Practices in IT Management. Van Haren Publishing, 2008. Accessed 15 Nov. 2020.

    Sharma, Chiatan. “Rule Governance for Enterprise-Wide Adoption of Business Rules: Why Does a BRMS Implementation Need a Governance Framework?” Business Rules Journal, vol. 13, no. 4, April 2012. Accessed 15 Nov. 2020.

    Smallwood, Robert. “Information Governance, IT Governance, Data Governance – What’s the Difference?” The Data Administration Newsletter, 3 June 2020. Accessed 15 Nov. 2020.

    Snowden, Dave. "Cynefin – weaving sense-making into the fabric of our world", Cognitive Edge, 20 October 2020.

    “The Place of IT Governance in the Enterprise Governance.” Institut de la Gouvernance des Systemes d’Information, 2005. Accessed 15 Nov. 2020.

    Thomas, Mark. “Demystifying IT Governance Roles in a Dynamic Business Environment.” APMG International, 29 Oct. 2020. Webinar. Accessed 15 Nov. 2020.

    “The Four Pillars of Governance Best Practice.” The Institute of Directors in New Zealand, 4 Nov. 2019. Web.

    Wang, Cancan, Rony Medaglia, and Lei Zheng. “Towards a Typology of Adaptive Governance in the Digital Government Context: The Role of Decision-Making and Accountability.” Government Information Quarterly, vol. 35, no. 2, April 2018, pp. 306–22.

    Westland, Jason. “IT Governance: Definitions, Frameworks and Planning.” ProjectManager.com, 17 Dec. 2019. Web.

    Wilkin, Carla L., and Jon Riddett. “IT Governance Challenges in a Large Not-for-Profit Healthcare Organization: The Role of Intranets.” Electronic Commerce Research vol. 9, no. 4, 2009, pp. 351-74. Web.

    Zalnieriute, Monika, et al. “The Rule of Law and Automation of Government Decision Making.” Modern Law Review, 25 Feb. 2019. Web.

    Automate Testing to Get More Done

    • Buy Link or Shortcode: {j2store}285|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $29,139 Average $ Saved
    • member rating average days saved: 5 Average Days Saved
    • Parent Category Name: Testing, Deployment & QA
    • Parent Category Link: /testing-deployment-and-qa
    • Today’s rapidly changing software products and operational processes create mounting pressure on software delivery teams to release new features and changes quickly while meeting high and demanding quality standards.
    • Most organizations see automated testing as a solution to meet this demand alongside their continuous delivery pipeline. However, they often lack the critical foundations, skills, and practices that are imperative for success.
    • The technology is available to enable automated testing for many scenarios and systems, but industry noise and an expansive tooling marketplace create confusion for those interested in adopting this technology.

    Our Advice

    Critical Insight

    • Good automated testing improves development throughput. No matter how quickly you put changes into production, end users will not accept them if they do not meet quality standards. Escaped defects, refactoring, and technical debt can significantly hinder your team’s ability to deliver software on time and on budget. In fact, 65% of organizations saw a reduction of test cycle time and 62% saw reductions in test costs with automated testing (Sogeti, World Quality Report 2020–21).
    • Start automation with unit and functional tests. Automated testing has a sharp learning curve, due to either the technical skills to implement and operate it or the test cases you are asked to automate. Unit tests and functional tests are ideal starting points in your automation journey because of the available tools and knowledge in the industry, the contained nature of the tests you are asked to execute, and the repeated use of the artifacts in more complicated tests (such as performance and integration tests). After all, you want to make sure the application works before stressing it.
    • Automated testing is a cross-functional practice, not a silo. A core component of successful software delivery throughput is recognizing and addressing defects, bugs, and other system issues early and throughout the software development lifecycle (SDLC). This involves having all software delivery roles collaborate on and participate in automated test case design, configure and orchestrate testing tools with other delivery tools, and proactively prepare the necessary test data and environments for test types.

    Impact and Result

    • Bring the right people to the table. Automated testing involves significant people, process and technology changes across multiple software delivery roles. These roles will help guide how automated testing will compliment and enhance their responsibilities.
    • Build a foundation. Review your current circumstances to understand the challenges blocking automated testing. Establish a strong base of good practices to support the gradually adoption of automated testing across all test types.
    • Start with one application. Verify and validate the automated testing practices used in one application and their fit for other applications and systems. Develop a reference guide to assist new teams.

    Automate Testing to Get More Done Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should automate testing, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    2. Adopt good automated testing practices

    Develop and implement practices that mature your automated testing capabilities.

    • Automated Testing Quick Reference Template

    Infographic

    Workshop: Automate Testing to Get More Done

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Adopt Good Automated Testing Practices

    The Purpose

    Understand the goals of and your vision for your automated testing practice.

    Develop your automated testing foundational practices.

    Adopt good practices for each test type.

    Key Benefits Achieved

    Level set automated testing expectations and objectives.

    Learn the key practices needed to mature and streamline your automated testing across all test types.

    Activities

    1.1 Build a foundation.

    1.2 Automate your test types.

    Outputs

    Automated testing vision, expectations, and metrics

    Current state of your automated testing practice

    Ownership of the implementation and execution of automated testing foundations

    List of practices to introduce automation to for each test type

    Build Your Data Practice and Platform

    • Buy Link or Shortcode: {j2store}347|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management

    The complex nature of data investment leads to de-scoping and delivery of data services that do not meet business needs or give value to the business. Subject matter experts are hired to resolve the problem, but their success is impacted by absent architecture, technology, and organizational alignment.

    Our Advice

    Critical Insight

    Walking through a book of architecture building plans with a personal guide is cheaper and faster than employing an architect to build and design your home.

    Impact and Result

    Info-Tech's approach provides a proven methodology that includes the following:

    • Business-aligned data initiatives and capabilities that address data challenges and realize business strategic objectives.
    • Comprehensive data practice designed based on the required business and data capabilities.
    • Data platform design based on Info-Tech data architecture reference patterns and prioritized data initiatives and capabilities.

    Build Your Data Practice and Platform Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build Your Data Practice and Platform Storyboard – A step-by-step document that leverages road-tested patterns and frameworks to properly build your data practice and pattern in continuous alignment with the business landscape.

    Info-Tech's approach provides a proven methodology that includes following:   

  • Business-aligned data initiatives and capabilities that address data challenges and realize business strategic objectives.
  • Comprehensive data practices designed based on the required business and data capabilities.
    • Build Your Data Practice and Platform Storyboard

    2. Data Practice and Platform Models – Leveraging best-of-breed frameworks to help you build a clear, concise, and compelling data practice and platform.

    Data practice & platform pre-build pattern templates based on Info-Tech data reference patterns and data platform design best practices.

    • Data Practice and Platform Models

    Infographic

    Workshop: Build Your Data Practice and Platform

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Establish Business Context and Value

    The Purpose

    Establish business context and value.

    Key Benefits Achieved

    Business context and strategic driver.

    Activities

    1.1 Understand/confirm the organization's strategic goals

    1.2 Classify the strategic goals and map to business drivers

    1.3 Identify the business capabilities that the strategy focuses on

    1.4 Identify the business processes realizing the strategy

    Outputs

    Business context and strategic drivers

    Prioritized business capabilities and processes

    Data culture survey results analysis

    2 Identify Your Top Initiatives

    The Purpose

    Identify your top initiatives.

    Key Benefits Achieved

    High-value business-aligned data initiative.

    Activities

    2.1 Highlight data-related outcomes/goals to realize to fulfill the business goal

    2.2 Map business data initiatives to the business strategic goals

    2.3 Prioritize data initiatives

    Outputs

    High-value, business-aligned data initiatives

    3 Analyze Data Challenges

    The Purpose

    Analyze data challenges.

    Key Benefits Achieved

    Clear understanding of the data challenges.

    Activities

    3.1 Map data challenges to Info-Tech data challenges

    3.2 Review Info-Tech data capabilities based on prioritized initiatives

    3.3 Discuss data platform and practice next steps

    Outputs

    List of data challenges preventing data maturation with the organization

    4 Map Data Capability

    The Purpose

    Map data capability.

    Key Benefits Achieved

    Prioritized data capability.

    Activities

    4.1 Map data challenges to Info-Tech data challenges

    4.2 Review Info-Tech data capabilities based on prioritized initiatives

    4.3 Discuss data platform and practice next steps

    Outputs

    Required data capabilities

    Data platform and practice – plan

    Initialized data management RACI 

    Further reading

    Build Your Data Practice and Platform

    Construct a scalable data foundation

    Analyst Perspective

    Build a data practice and platform that delivers value to your organization.

    The build or optimization of your data practice and data platform must be predicated on a thorough understanding of the organization’s goals, objectives, and priorities and the business capabilities and process they are meant to support and enable.

    Formalizing your practice or constructing your platform just for the sake of doing so often results in an initiative that is lengthy, costly, fizzles out, does not deliver business value, and ends up being considered a failure.

    Leverage Info-Tech’s approach and incorporate our pre-built models and patterns to effectively navigate that crucial and often difficult phase upfront of comprehensively defining business data needs so you can ultimately realize faster time-to-delivery of your overall data practice and platform.

    Photo of Rajesh Parab, Director, Research & Advisory, Data & Analytics Practice, Info-Tech Research Group.

    Rajesh Parab
    Director, Research & Advisory, Data & Analytics Practice
    Info-Tech Research Group

    Photo of Crystal Singh, Director, Research & Advisory, Data & Analytics Practice, Info-Tech Research Group.

    Crystal Singh
    Director, Research & Advisory, Data & Analytics Practice
    Info-Tech Research Group

    Attempting to Solve Data Problems?

    Situation
    • Lack of data centric leadership results in downstream issues such as integration, quality, and accessibility.
    • The complex nature of the data and lack of understanding leads to de-scoping delivery of data services that does not meet business needs or add value.
    • Poorly designed practice and siloed platforms result in an initiative that is lengthy, costly, fizzles out, does not deliver business value, and ends up being considered a failure.
    Complication
    • Data problem: When the data problem is diagnosed, the organization adopts a tactical approach.
    • Confirmation bias: Subject matter experts (SME) are hired to resolve the poorly defined problem, but the success of the SME is impacted by lack of architecture, technology, and organizational alignment.
    • Still no value: The selected tactical approach does not provide a solid foundation or solve your data problem.
    • Strategy for sake of strategy: Implementing a strategic approach for the sake of being strategic but this becomes overwhelming.
    • Fall back to tactical and operational: The data services are now potentially exposed and vulnerable, which strains business continuity and increases data debt.
    • Increased complexity and risk: Data silos, poor understanding, and high complexity results in an unmanageable data environment.
    Resolution
    • Requirements: Define and align your data requirement to business.
    • Capabilities: Discover data, identify data capabilities, and map your requirements.
    • Practices: Design and select fit-for-purpose data practices.
    • Platform: Optimize your data platform investments though sound architecture.

    Info-Tech Insight

    The true value of data comes from defining intentional relationships between the business and the data through a well thought out data platform and practice.

    Situation – Perpetual Data Problem

    Diagram of a head with gears around it and speech bubbles with notes titled 'Data Problem'. The surrounding gears, clockwise from bottom left, say 'Accessibility', 'Trust', 'Data Breach', 'Ambiguity', 'Ownership', 'Duplication', 'System Failure', and 'Manual Manipulation'. The speech bubbles notes, clockwise from bottom left, say 'Value-Add: How do I translate business needs to data capabilities?', 'Practice Organization: How do I organize resources and roles assignment challenges?', 'Platform: How do I organize data flows with no conceptual view of the environment?', and 'Break Down Silos: How do I break down silos?'
    I can’t access the data.
    I don’t trust the data in the report.
    It takes too long to get to the data for decision making
    • Lack of data-centric leadership results in downstream issues: integration, quality, accessibility
    • The organization’s data is too complex to manage without a cohesive plan.
    • The complex nature of the data and a lack of understanding leads to de-scoping delivery of data services that does not meet business needs or add value.
    • Poorly designed practice and siloed platforms result in an initiative that is lengthy, costly, fizzles out, does not deliver business value, and ends up being considered a failure.

    Complication – Data Initiative Fizzles Out

    • Data problem: When the data problem is diagnosed the organization adopts a tactical approach.
    • Confirmation bias: Subject matter experts (SME) are hired to resolve the poorly defined problem, but the success of the SME is impacted by lack of architecture, technology, and organizational alignment.
    • Still no value: the selected tactical approach does not provide a solid foundation or solve your data problem.
    • Strategy for sake of strategy: Implementing a strategic approach for sake of being strategic but this becomes overwhelming.
    • Fall back to tactical and operational: The data services are now potentially exposed and vulnerable, which strains business continuity and increases data debt.
    • Increased complexity and risk: Data silos, poor understanding, and high complexity result in an unmanageable data environment.
    Flowchart beginning with 'Data Symptom Exhibited' and 'Data Problem Diagnosed', then splitting into two paths 'Solve Data Problem as a point solution' or 'Attempt Strategic approach without culture, capacity, and business leadership'. Each approach ends with 'Data too complex, and initiative fizzles out...' and cycles back to the beginning.
    Use the road-tested patterns and frameworks in our blueprint to break the perpetual data solution cycle. Focus on the value that a data and analytics platform will bring rather than focusing on the data problems alone.

    Build Your Data Practice and Platform

    Bring Your Data Strategy to Life

    Logo for Info-Tech.
    Logo for #iTRG.
    CONVENTIONAL WISDOM

    Attempting to Solve Your Data Problems

    DATA SYMPTOM EXHIBITED

    Mismatch report, data quality issue, or similar symptom of a data problem.

    DATA PROBLEM DIAGNOSED

    Data expert identifies it as a data problem.

    COMPLEX STRATEGIC APPROACH ATTEMPTED

    Recognized need to attempt it strategically, but don't have capacity or culture to execute.

    Cycle diagram titled 'Data Problems' with numbers connected to surrounding steps, and a break after Step 3 where one can 'BREAK THE CYCLE'. In the middle are a list of data problems: 'Accessibility’, ‘Data Breach', 'Manual Manipulation', 'System Failure', 'Ambiguity', 'Duplication', 'Ownership', and 'Trust'.
    SOLUTION FAILS

    The tactical solution fails to solve the root cause of the data problem, and the data symptoms persist.

    TACTICAL SOLUTION FALLBACK

    A quick and dirty solution is attempted in order to fix the data problem.

    THE COMPLEX APPROACH FIZZLES OUT

    Attempted strategic approach takes too long, fizzles out.

    BREAK THE CYCLE

    Solving Your Data Problems

    1. DEFINE YOUR DATA REQUIREMENTS Incorporate a Business to Data Approach by utilizing Info-Tech's business capability templates for identifying data needs. BUSINESS-ALIGNED DATA REQUIREMENTS
    2. CONDUCT YOUR DATA DISCOVERY Understand the data behind your business problem. Identify the required data capabilities and domains as required by your business processes. RECOMMENDED DATA CAPABILITIES
    3. DESIGN YOUR DATA PRACTICES Build your custom data practices based on the predefined reusable models. CUSTOMIZED DATA PRACTICE
    4. ARCHITECT YOUR DATA PLATFORM Build your custom data platform based on the redefined reusable architecture patterns. CUSTOMIZED DATA PLATFORM
    CONTINUOUS PHASE: ROADMAP, SPONSORSHIP FEEDBACK AND DELIVERY

    Develop a roadmap to establish the practice and implement the architecture as designed. Ensure continuous alignment of the practice and architecture with the business landscape.

    Phase-by-Phase Approach to Build Your Data Practice and Platform

    Flowchart detailing the path to take through the four phases of this blueprint beginning with the 'Inputs' and 'People' involved and incorporating 'Deliverables' along the way. Phase-by-Phase Approach
    • Phase 1: Step 1 – Define Your Data Requirement
    • Phase 1: Step 2 – Conduct Your Data Discovery
    • Phase 2 – Design Your Data Practice
    • Phase 3 – Architect Your Data Platform

    Measure value when building your data practice and platform

    Sample Data Management Metrics

    Lists of data management metrics in different categories.

    • Refine the metrics for the overall Data Management practice and every initiative therein.
    • Refine the metrics at each platform and practice component to show business value against implementation effort.

    Understand and Build Data Culture

    See your Info-Tech Account Representative for more details on our Data Culture Diagnostic

    Only 14.29% of Transportation and Logistics respondents agree BI and Analytics Process and Technology are sufficient What is a diagnostic?

    Our diagnostics are the simplest way to collect the data you need, turn it into actionable insights, and communicate with stakeholders across the organization.

    52.54% of respondents from the healthcare industry are unaware of their organization’s data security policy
    Ask the Right Questions

    Use our low-effort surveys to get the data you need from stakeholders across the organization.

    Use Our Diagnostic Engine

    Our diagnostic engine does all the heavy lifting and analysis, turning your data into usable information.

    Communicate & Take Action

    Wow your executives with the incredible insights you've uncovered. Then, get to action: make IT better.

    On average only 40% agree that they have the reporting when needed


    (Source: Info-Tech’s Data Culture Diagnostic, 53 Organizations, 3138 Responses)

    35% of respondents feel that a governance body is in place looking at strategic data

    Build a Data-Driven Strategy Using Info-Tech Diagnostic Programs

    Make informed IT decisions by starting your diagnostic program today. Your account manager is waiting to help you.
    Sample of Info-Tech's 'Data Culture Scorecard'.

    Use Our Predefined Data and Analytics Patterns to Build Your DnA Landscape

    Walking through a book of architecture building plans with a personal guide is cheaper and faster than employing an architect to build and design your home

    Two books titled 'The Everything Homebuilding Book' and 'Architecture 101'. An open book with a finger pointing to a diagram.

    The first step is to align business strategy with data strategy and then start building your data practice and data platform

    Flowchart starting with business strategy focuses, then to data strategy focuses, and eventually to 'Data Metrics'.

    Insights

    The true value of data comes from defining intentional relationships between the business and the data through a well-thought-out data platform and practice.

    • Phase 1
      • Some organizations are low maturity so using the traditional Capability Maturity Model Integration (CMMI) would not make sense. A great alternative is to leverage existing models and methodologies to get going off the bat.
      • The Data Strategy is an input into the platform and practice. This is considered the Why; Data Practice and Platform is the How.
    • Phase 2
      • Info-Tech’s approach is business-goal driven and it leverages patterns, which enable the implementation of critical and foundational components and subsequently facilitates the evolution and development of the practice over time.
      • Systems should not be designed in isolation. Cross-functional collaboration throughout the design is critical to ensure all types of issues are revealed early. Otherwise, crucial tests are omitted, deployments fail, and end-users are dissatisfied.
    • Phase 3
      • Build your conceptual data architecture based on well-thought-out formulated patterns that align with your organization’s needs and environment.
      • Functional needs often take precedence over quality architecture. Quality must be baked into design, execution, and decision-making practices to ensure the right trade-offs are made.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Info-Tech’s Methodology for Building Your Data Practice and Platform

    Phase 1 –
    Define Your Data Requirements and Conduct Your Data Discovery
    Phase 2 –
    Design Your Data Practices
    Phase 3 –
    Architect Your Data Platform
    Phase Steps
    1. Identify your top initiatives
    2. Map your data initiatives to data capabilities
    1. Understand the practices value statement
    2. Review the Info-Tech practice pattern
    3. Initiate your practice design and setup
    1. Identify your data component
    2. Refine your data platform architecture
    3. Design your data platform
    4. Identify your new components and capabilities
    5. Initiative platform build and rollout
    Phase Outcomes Business-aligned data initiatives and capabilities that address data challenges and realize business strategic objectives Comprehensive data practice design based on the required business and data capabilities Data platform design based on Info-Tech data architecture reference pattern and prioritized data initiatives and capabilities

    Data Platform and Practice Implementation Plan

    Example timeline for data platform and practice implementation plan with 'Fiscal Years' across the top, and below they're broken down into quarters. Along the left side 'Phase 1: Step 1...', 'Phase 1: Step 2...', 'Phase 2...' and 'Phase 3'. Tasks are mapped onto the timeline in each phase with a short explanation.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889
    Info-Tech’s Workshop support for Build Your Data Practice and Platform. 'Build Your Data Practice and Platform' slide from earlier.
    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Workshop 1

    Data Needs and Discovery

    Workshop 2

    Data Practice Design

    Workshop 3

    Data Platform Design

    Workshop 1:
    Data Needs and Discovery

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889
    Day 1 Day 2 Day 3 Day 4
    Establish Business Context and Value
    Identify Your Top Initiatives
    Analyze Data Challenges
    Map Data Capability
    Activities

    1.1 Understand/confirm your organization’s strategic goals

    1.2 Classify the strategic goals and map to business drivers

    1.3 Identify the business capabilities that the strategy focus is on

    1.4 Identify the business processes realizing the strategy

    2.1 Highlight data-related outcomes /goals to realize to fulfill the business goal

    2.2 Map business data initiatives to the business strategic goals

    2.3 Prioritize Data initiatives

    3.1 Understand data management capabilities and framework

    3.2 Classify business data requirements using Info-Tech’s classification approach

    3.3 Highlight data challenges in your current environment

    4.1 Map data challenges to Info-Tech data challenges

    4.2 Review Info-Tech data capabilities based on prioritized initiative

    4.3 Discuss Data Platform and Practice Next Steps

    Deliverables
    • Business context and strategic drivers
    • Prioritized business capabilities and processes
    • Data Culture Survey results analysis
    • High-value business-aligned data initiative
    • List of data challenges preventing data maturation with the organization
    • Required data capabilities
    • Data platform and practice – plan
    • Initialized data management RACI
    Participants Business stakeholder, Business leader Business Subject Matter Expert, Data IT sponsor (CIO), Head of Data, Data Architect Business stakeholder, Business leader Business Subject Matter Expert, Data IT sponsor (CIO), Head of Data, Data Architect Data experts, Business Subject Matter Expert, Head of Data, Data Architect Data experts, Business Subject Matter Expert, Head of Data, Data Architect

    Workshop 2:
    Data Practice Design

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889
    Day 1 Day 2 Day 3 Day 4
    Plan Your Data Practices
    Design Your Data Practices 1
    Design Your Data Practices 2
    Design Your Data Practices 3
    Activities

    Prerequisite: Business context, business data requirement, and data capabilities

    1.1 Understand data practice framework

    1.2 Define your practice implementation approach

    1.3 Review and update data management RACI

    2.1 Understand Info-Tech data practice patterns for each prioritized practice

    2.2 Define your practice setup for each prioritized practice

    2.3 Highlight critical processes for each practice

    3.1 Understand Info-Tech data practice patterns for each prioritized practice

    3.2 Define your practice setup for each prioritized practice

    3.3 Highlight critical processes for each practice

    4.1 Understand Info-Tech data practice patterns for each prioritized practice

    4.2 Define your practice setup for each prioritized practice

    4.3 Highlight critical processes for each practice

    4.4 Discuss data platform and practice next steps

    Deliverables
    • Data practice implementation approach
    • Data management RACI
    • Data practice setup pattern for your organization
    • Data practice process pattern for your organization
    • Data practice setup pattern for your organization
    • Data practice process pattern for your organization
    • Data practice setup pattern for your organization
    • Data practice process pattern for your organization
    • Data platform and practice – plan
    Participants Data experts, Business Subject Matter Expert, Head of Data, Data Architect Data experts, Business Subject Matter Expert, Head of Data, Data Architect Data experts, Business Subject Matter Expert, Head of Data, Data Architect Data experts, Business Subject Matter Expert, Head of Data, Data Architect

    Workshop 3:
    Data Platform Design

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889
    Day 1Day 2Day 3Day 4
    Data Platform Overview
    Update Data Platform Reference Architecture
    Design Your Data Platform
    Design Your Data Practices 4
    Activities

    Prerequisite: Business context, business data requirement, and data capabilities

    1.1 Understand data platform framework and data capabilities

    1.2 Understand key data architecture principles and best practices

    1.3 Shortlist data platform patterns

    2.1 Map and identify data capabilities to data platform components

    2.2 Build data platform architecture using Info-Tech data platform reference architecture

    2.3 Highlight critical processes for each practice

    3.1 Design your target data platform using Info-Tech’s data platform template

    3.2 Identify new capabilities and components in your platform design

    4.1 Identify new capabilities and component in your platform design

    4.2 Discuss data platform initiatives

    Deliverables
    • Shortlisted data platform patterns
    • Data platform reference architecture for your organization
    • Data platform design for your organization
    • Data platform plan
    ParticipantsData experts, Business Subject Matter Expert, Head of Data, Data ArchitectData experts, Business Subject Matter Expert, Head of Data, Data ArchitectData experts, Business Subject Matter Expert, Head of Data, Data ArchitectData experts, Business Subject Matter Expert, Head of Data, Data Architect

    Build Your Data Practice and Platform

    Phase 1

    Phase 1: Step 1 – Define Your Data Requirements
    Phase 1: Step 2 – Conduct Your Data Discovery

    Phase 1

    1.1 Define Your Data Requirements
    1.2 Conduct Your Data Discovery

    Phase 2 Phase 3

    Phase 1: Step 1 – Define Your Data Requirements will walk you through the following activities:

    • Confirm the organizational strategic goals, business drivers, business capabilities, and processes driving the Data Practice and Platform effort.
    • Identify the data related outcomes, goals, and ideal environment needed to fulfill the business goals.

    This phase involves the following participants:

    A blend of business leaders and business SMEs together with the Data Strategy team.

    Phase 1: Step 2 – Conduct Your Data Discovery will walk you through the following activities:

    • Identify and highlight the data challenges faced in achieving the desired outcome.
    • Map the data challenges to the data capabilities required to realize the desired data outcome.

    This phase involves the following participants:

    Key personnel from IT/Data team: (Data Architect, Data Engineers, Head of Head of Reporting and Analytics)

    In Case Of Emergency...

    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    1. Get people to safety efficiently by following the floor warden's information and get out if needed
      If there are no floor wardens, YOU take the initiative and alert people. Vacate the premises if you suspect danger.
      Err on the side of caution. Nobody ever got fired over keeping people safe.
    2. Get people to safety (yes! double check this)
    3. Check what is happening
    4. Stop the bleeding
    5. Check what you broke while stopping the bleeding
    6. Check if you need to go into DR mode
    7. Go into DR mode if that is the fastest way to restore the service
    8. Only now start to look deeper

    Notice what is missing in this list?

    • WHY did this happen?
    • WHO did what

    During the first reactions to an event, stick to the facts of what is happening and the symptoms. If the symptoms are bad, attend to people first, no matter the financial losses occurring.
    Remember that financial losses are typically insured. Human life is not. Only loss of income and ability to pay is insured! Not the person's life.

    The WHY, HOW, WHO and other root cause questions are asked in the aftermath of the incident and after you have stabilized the situation.
    In ITIL terms, those are Problem Management and Root Cause Analysis stage questions.

     

     

     

    Management, incident, reaction, emergency

    Make Prudent Decisions When Increasing Your Salesforce Footprint

    • Buy Link or Shortcode: {j2store}134|cart{/j2store}
    • member rating overall impact (scale of 10): 8.9/10 Overall Impact
    • member rating average dollars saved: $55,224 Average $ Saved
    • member rating average days saved: 4 Average Days Saved
    • Parent Category Name: Licensing
    • Parent Category Link: /licensing
    • Too often, organizations fail to achieve economy of scale. They neglect to negotiate price holds, do not negotiate deeper discounts as volume increases, or do not realize there are already existing contracts within the organization.
    • Understand what to negotiate. Organizations do not know what can and cannot be negotiated, which means value gets left on the table.
    • Integrations with other applications must be addressed from the outset. Many users buy the platform only to realize later on that the functionality they wanted does not exist and may be an extra expense with customization.

    Our Advice

    Critical Insight

    • Buying power dissipates when you sign the contract. Get the right product for the right number of users for the right term and get it right the first time.
    • Getting the best price does not assure a great total cost of ownership or ROI. There are many components as part of the purchasing process that if unaccounted for can lead to dramatic and unbudgeted spend.
    • Avoid buyer’s remorse through due diligence before signing the deal. If you need to customize the software or extend it with a third-party add-in, identify your costs and timelines upfront. Plan for successful adoption.

    Impact and Result

    • Centralize purchasing instead of enabling small deals to maximize discount levels by creating a process to derive a cost-effective methodology when subscribing to Sales Cloud, Service Cloud, and Force.com.
    • Educate your organization on Salesforce’s licensing methods and contract types, enabling informed purchasing decisions. Critical components of every agreement that need to be negotiated are a renewal escalation cap, term protection, and license metrics to document what comes with each. Re-bundling protection is also critical in case a product is no longer desired.
    • Proactively addressing integrations and business requirements will enable project success and enable the regular upgrades the come with a multi-tenant cloud services SaaS solution.

    Make Prudent Decisions When Increasing Your Salesforce Footprint Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you need to understand and document your Salesforce licensing strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Establish software requirements

    Begin your journey by understanding whether Salesforce is the right CRM. Also proactively approach Salesforce licensing by understanding which information to gather and assessing the current state and gaps.

    • Make Prudent Decisions When Increasing Your Salesforce Footprint – Phase 1: Establish Software Requirements
    • Salesforce Licensing Purchase Reference Guide
    • RASCI Chart

    2. Evaluate licensing options

    Review current products and licensing models to determine which licensing models will most appropriately fit the organization's environment.

    • Make Prudent Decisions When Increasing Your Salesforce Footprint – Phase 2: Evaluate Licensing Options
    • Salesforce TCO Calculator
    • Salesforce Discount Calculator

    3. Evaluate agreement options

    Review Salesforce’s contract types and assess which best fits the organization’s licensing needs.

    • Make Prudent Decisions When Increasing Your Salesforce Footprint – Phase 3: Evaluate Agreement Options
    • Salesforce Terms and Conditions Evaluation Tool

    4. Purchase and manage licenses

    Conduct negotiations, purchase licensing, finalize a licensing management strategy, and enhance your CRM with a Salesforce partner.

    • Make Prudent Decisions When Increasing Your Salesforce Footprint – Phase 4: Purchase and Manage Licenses
    • Controlled Vendor Communications Letter
    • Vendor Communication Management Plan
    [infographic]

    Workshop: Make Prudent Decisions When Increasing Your Salesforce Footprint

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Establish Software Requirements

    The Purpose

    Assess current state and align goals; review business feedback.

    Interview key stakeholders to define business objectives and drivers.

    Key Benefits Achieved

    Have a baseline for whether Salesforce is the right solution.

    Understand Salesforce as a solution.

    Examine all CRM options.

    Activities

    1.1 Perform requirements gathering to review Salesforce as a potential solution.

    1.2 Gather your documentation before buying or renewing.

    1.3 Confirm or create your Salesforce licensing team.

    1.4 Meet with stakeholders to discuss the licensing options and budget allocation.

    Outputs

    Copy of your Salesforce Master Subscription Agreement

    RASCI Chart

    Salesforce Licensing Purchase Reference Guide

    2 Evaluate Licensing Options

    The Purpose

    Review product editions and licensing options.

    Review add-ons and licensing rules.

    Key Benefits Achieved

    Understand how licensing works.

    Discuss licensing rules and their application to your current environment.

    Determine the product and license mix that is best for your requirements.

    Activities

    2.1 Determine the editions, licenses, and add-ons for your Salesforce CRM solution.

    2.2 Calculate total cost of ownership.

    2.3 Use the Salesforce Discount Calculator to ensure you are getting the discount you deserve.

    2.4 Meet with stakeholders to discuss the licensing options and budget allocation.

    Outputs

    Salesforce CRM Solution

    Salesforce TCO Calculator

    Salesforce Discount Calculator

    Salesforce Licensing Purchase Reference Guide

    3 Evaluate Agreement Options

    The Purpose

    Review terms and conditions of Salesforce contracts.

    Review vendors.

    Key Benefits Achieved

    Determine if MSA or term agreement is best.

    Learn what specific terms to negotiate.

    Activities

    3.1 Perform a T&Cs review and identify key “deal breakers.”

    3.2 Decide on an agreement that nets the maximum benefit.

    Outputs

    Salesforce T&Cs Evaluation Tool

    Salesforce Licensing Purchase Reference Guide

    4 Purchase and Manage Licenses

    The Purpose

    Finalize the contract.

    Discuss negotiation points.

    Discuss license management and future roadmap.

    Discuss Salesforce partner and implementation strategy.

    Key Benefits Achieved

    Discuss negotiation strategies.

    Learn about licensing management best practices.

    Review Salesforce partner options.

    Create an implementation plan.

    Activities

    4.1 Know the what, when, and who to negotiate.

    4.2 Control the flow of communication.

    4.3 Assign the right people to manage the environment.

    4.4 Discuss Salesforce partner options.

    4.5 Discuss implementation strategy.

    4.6 Meet with stakeholders to discuss licensing options and budget allocation.

    Outputs

    Salesforce Negotiation Strategy

    Vendor Communication Management Plan

    RASCI Chart

    Info-Tech’s Core CRM Project Plan

    Salesforce Licensing Purchase Reference Guide

    Effectively Manage CxO Relations

    • Buy Link or Shortcode: {j2store}384|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Manage Business Relationships
    • Parent Category Link: /manage-business-relationships

    With the exponential pace of technological change, an organization's success will depend largely on how well CIOs can evolve from technology evangelists to strategic business partners. This will require CIOs to effectively broker relationships to improve IT's effectiveness and create business value. A confidential journal can help you stay committed to fostering productive relationships while building trust to expand your sphere of influence.

    Our Advice

    Critical Insight

    Highly effective executives have in common the ability to successfully balance three things: time, personal capabilities, and relationships. Whether you are a new CIO or an experienced leader, the relentless demands on your time and unpredictable shifts in the organization’s strategy require a personal game plan to deliver business value. Rather than managing stakeholders one IT project at a time, you need an action plan that is tailored for unique work styles.

    Impact and Result

    A personal relationship journal will help you:

    • Understand the context in which key stakeholders operate.
    • Identify the best communication approach to engage with different workstyles.
    • Stay committed to fostering relationships through difficult periods.

    Effectively Manage CxO Relations Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Effectively Manage CxO Relations Storyboard – A guide to creating a personal action plan to help effectively manage relationships across key stakeholders.

    Use this research to create a personal relationship journal in four steps:

    • Effectively Manage CxO Relations Storyboard

    2. Personal Relationship Management Journal Template – An exemplar to help you build your personal relationship journal.

    Use this exemplar to build a journal that is readily accessible, flexible, and easy to maintain.

    • Personal Relationship Management Journal Template

    Infographic

    Further reading

    Effectively Manage CxO Relations

    Make relationship management a daily habit with a personalized action plan.

    Analyst Perspective

    "Technology does not run an enterprise, relationships do." – Patricia Fripp

    As technology becomes increasingly important, an organization's success depends on the evolution of the modern CIO from a technology evangelist to a strategic business leader. The modern CIO will need to leverage their expansive partnerships to demonstrate the value of technology to the business while safeguarding their time and effort on activities that support their strategic priorities. CIOs struggling to transition risk obsolescence with the emergence of new C-suite roles like the Digital Transformation Officer, Chief Digital Officer, Chief Data Officer, and so on.

    CIOs will need to flex new social skills to accommodate diverse styles of work and better predict dynamic situations. This means expanding beyond their comfort level to acquire new social skills. Having a clear understanding of one's own work style (preferences, natural tendencies, motivations, and blind spots) is critical to identify effective communication and engagement tactics.

    Building trust is an art. Striking a balance between fulfilling your own goals and supporting others will require a carefully curated approach to navigate the myriad of personalities and work styles. A personal relationship journal will help you stay committed through these peaks and troughs to foster productive partnerships and expand your sphere of influence over the long term.

    Photo of Joanne Lee
    Joanne Lee
    Principal, Research Director, CIO Advisory
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    In today's unpredictable markets and rapid pace of technological disruptions, CIOs need to create business value by effectively brokering relationships to improve IT's performance. Challenges they face:

    • Operate in silos to run the IT factory.
    • Lack insights into their stakeholders and the context in which they operate.
    • Competing priorities and limited time to spend on fostering relationships.
    • Relationship management programs are narrowly focused on associated change management in IT project delivery.

    Common Obstacles

    Limited span of influence.

    Mistaking formal roles in organizations for influence.

    Understanding what key individuals want and, more importantly, what they don't want.

    Lack of situational awareness to adapt communication styles to individual preferences and context.

    Leveraging different work styles to create a tangible action plan.

    Perceiving relationships as "one and done."

    Info-Tech's Approach

    A personal relationship journal will help you stay committed to fostering productive relationships while building trust to expand your sphere of influence.

    • Identify your key stakeholders.
    • Understand the context in which they operate to define a profile of their mandate, priorities, commitments, and situation.
    • Choose the most effective engagement and communication strategies for different work styles.
    • Create an action plan to monitor and measure your progress.

    Info-Tech Insight

    Highly effective executives have in common the ability to balance three things: time, personal capabilities, and relationships. Whether you are a new CIO or an experienced leader, the relentless demand on your time and unpredictable shifts in the organization's strategy will require a personal game plan to deliver business value. This will require more than managing stakeholders one IT project at a time: It requires an action plan that fosters relationships over the long term.

    Key Concepts

    Stakeholder Management
    A common term used in project management to describe the successful delivery of any project, program, or activity that is associated with organizational change management. The goal of stakeholder management is intricately tied to the goals of the project or activity with a finite end. Not the focus of this advisory research.

    Relationship Management
    A broad term used to describe the relationship between two parties (individuals and/or stakeholder groups) that exists to create connection, inclusion, and influence. The goals are typically associated with the individual's personal objectives and the nature of the interaction is seen as ongoing and long-term.

    Continuum of Commitment
    Info-Tech's framework that illustrates the different levels of commitment in a relationship. It spans from active resistance to those who are committed to actively supporting your personal priorities and objectives. This can be used to baseline where you are today and where you want the relationship to be in the future.

    Work Style
    A reference to an individual's natural tendencies and expectations that manifest itself in their communication, motivations, and leadership skills. This is not a behavior assessment nor a commentary on different personalities but observable behaviors that can indicate different ways people communicate, interact, and lead.

    Glossary
    CDxO: Chief Digital Officer
    CDO: Chief Data Officer
    CxO: C-Suite Executives

    The C-suite is getting crowded, and CIOs need to foster relationships to remain relevant

    The span of influence and authority for CIOs is diminishing with the emergence of Chief Digital Officers and Chief Data Officers.

    63% of CDxOs report directly to the CEO ("Rise of the Chief Digital Officer," CIO.com)

    44% of organizations with a dedicated CDxO in place have a clear digital strategy versus 22% of those without a CDxO (KPMG/Harvey Nash CIO Survey)

    The "good news": CIOs tend to have a longer tenure than CDxOs.

    A diagram that shows the average tenure of C-Suites in years.
    Source: "Age and Tenure of C-Suites," Korn Ferry

    The "bad news": The c-suite is getting overcrowded with other roles like Chief Data Officer.

    A diagram that shows the number of CDOs hired from 2017 to 2021.
    Source: "Chief Data Officer Study," PwC, 2022

    An image of 7 lies technology executives tell ourselves.

    Info-Tech Insight

    The digital evolution has created the emergence of new roles like the Chief Digital Officer and Chief Data Officer. They are a response to bridge the skill gap that exists between the business and technology. CIOs need to focus on building effective partnerships to better communicate the business value generated by technology or they risk becoming obsolete.

    Create a relationship journal to effectively manage your stakeholders

    A diagram of relationship journal

    Info-Tech's approach

    From managing relationships with friends to key business partners, your success will come from having the right game plan. Productive relationships are more than managing stakeholders to support IT initiatives. You need to effectively influence those who have the potential to champion or derail your strategic priorities. Understanding differences in work styles is fundamental to adapting your communication approach to various personalities and situations.

    A diagram that shows from 1.1 to 4.1

    A diagram of business archetypes

    Summary of Insights

    Insight 1: Expand your sphere of influence
    It's not just about gaining a volume of acquaintances. Figure out where you want to spend your limited time, energy, and effort to develop a network of professional allies who will support and help you achieve your strategic priorities.

    Insight 2: Know thyself first and foremost
    Healthy relationships start with understanding your own working style, preferences, and underlying motivations that drive your behavior and ultimately your expectations of others. A win/win scenario emerges when both parties' needs for inclusion, influence, and connection are met or mutually conceded.

    Insight 3: Walk a mile in their shoes
    If you want to build successful partnerships, you need to understand the context in which your stakeholder operates: their motivations, desires, priorities, commitments, and challenges. This will help you adapt as their needs shift and, moreover, leverage empathy to identify the best tactics for different working styles.

    Insight 4: Nurturing relationships is a daily commitment
    Building, fostering, and maintaining professional relationships requires a daily commitment to a plan to get through tough times, competing priorities, and conflicts to build trust, respect, and a shared sense of purpose.

    Related Info-Tech Research

    Supplement your CIO journey with these related blueprints.

    Photo of First 100 Days as CIO

    First 100 Days as CIO

    Photo of Become a Strategic CIO

    Become a Strategic CIO

    Photo of Improve IT Team Effectiveness

    Improve IT Team Effectiveness

    Photo of Become a Transformational CIO

    Become a Transformational CIO

    Executive Brief Case Study

    Logo of Multicap Limited

    • Industry: Community Services
    • Source: Scott Lawry, Head of Digital

    Conversation From Down Under

    What are the hallmarks of a healthy relationship with your key stakeholders?
    "In my view, I work with partners like they are an extension of my team, as we rely on each other to achieve mutual success. Partnerships involve a deeper, more intimate relationship, where both parties are invested in the long-term success of the business."

    Why is it important to understand your stakeholder's situation?
    "It's crucial to remember that every IT project is a business project, and vice versa. As technology leaders, our role is to demystify technology by focusing on its business value. Empathy is a critical trait in this endeavor, as it allows us to see a stakeholder's situation from a business perspective, align better with the business vision and goals, and ultimately connect with people, rather than just technology."

    How do you stay committed during tough times?
    "I strive to leave emotions at the door and avoid taking a defensive stance. It's important to remain neutral and not personalize the issue. Instead, stay focused on the bigger picture and goals, and try to find a common purpose. To build credibility, it's also essential to fact-check assumptions regularly. By following these principles, I approach situations with a clear mind and better perspective, which ultimately helps achieve success."

    Photo of Scott Lawry, Head Of Digital at Multicap Limited

    Key Takeaways

    In a recent conversation with a business executive about the evolving role of CIOs, she expressed: "It's the worst time to be perceived as a technology evangelist and even worse to be perceived as an average CIO who can't communicate the business value of technology."

    This highlights the immense pressure many CIOs face when evolving beyond just managing the IT factory.

    The modern CIO is a business leader who can forge relationships and expand their influence to transform IT into a core driver of business value.

    Stakeholder Sentiment

    Identify key stakeholders and their perception of IT's effectiveness

    1.1 Identify Key Stakeholders

    A diagram of Identify Key Stakeholders

    Identify and prioritize your key stakeholders. Be diligent with stakeholder identification. Use a broad view to identify stakeholders who are known versus those who are "hidden." If stakeholders are missed, then so are opportunities to expand your sphere of influence.

    1.2 Understand Stakeholder's Perception of IT

    A diagram that shows Info-Tech's Diagnostic Reports and Hospital Authority XYZ

    Assess stakeholder sentiments from Info-Tech's diagnostic reports and/or your organization's satisfaction surveys to help identify individuals who may have the greatest influence to support or detract IT's performance and those who are passive observers that can become your greatest allies. Determine where best to focus your limited time amid competing priorities by focusing on the long-term goals that support the organization's vision.

    Info-Tech Insight

    Understand which individuals can directly or indirectly influence your ability to achieve your priorities. Look inside and out, as you may find influencers beyond the obvious peers or executives in an organization. Influence can result from expansive connections, power of persuasion, and trust to get things done.

    Visit Info-Tech's Diagnostic Programs

    Activity: Identify and Prioritize Stakeholders

    30-60 minutes

    1.1 Identify Key Stakeholders

    Start with the key stakeholders that are known to you. Take a 360-degree view of both internal and external connections. Leverage external professional & network platforms (e.g. LinkedIn), alumni connections, professional associations, forums, and others that can help flush out hidden stakeholders.

    1.2 Prioritize Key Stakeholders

    Use stakeholder satisfaction surveys like Info-Tech's Business Vision diagnostic as a starting point to identify those who are your allies and those who have the potential to derail IT's success, your professional brand, and your strategic priorities. Review the results of the diagnostic reports to flush out those who are:

    • Resisters: Vocal about their dissatisfaction with IT's performance and actively sabotage or disrupt
    • Skeptics: Disengaged, passive observers
    • Ambassadors: Aligned but don't proactively support
    • Champions: Actively engaged and will proactively support your success

    Consider the following:

    • Influencers may not have formal authority within an organization but have relationships with your stakeholders.
    • Influencers may be hiding in many places, like the coach of your daughter's soccer team who rows with your CEO.
    • Prioritize, i.e. three degrees of separation due to potential diverse reach of influence.

    Key Output: Create a tab for your most critical stakeholders.

    A diagram that shows profile tabs

    Download the Personal Relationship Management Journal Template.

    Understand stakeholders' business

    Create a stakeholder profile to understand the context in which stakeholders operate.

    2.1 Create individual profile for each stakeholder

    A diagram that shows different stakeholder questions

    Collect and analyze key information to understand the context in which your stakeholders operate. Use the information to derive insights about their mandate, accountabilities, strategic goals, investment priorities, and performance metrics and challenges they may be facing.

    Stakeholder profiles can be used to help design the best approach for personal interactions with individuals as their business context changes.

    If you are short on time, use this checklist to gather information:

    • Stakeholder's business unit (BU) strategy goals
    • High-level organizational chart
    • BU operational model or capability map
    • Key performance metrics
    • Projects underway and planned
    • Financial budget (if available)
    • Milestone dates for key commitments and events
    • External platforms like LinkedIn, Facebook, Twitter, Slack, Instagram, Meetup, blogs

    Info-Tech Insight

    Understanding what stakeholders want (and more importantly, what they don't) requires knowing their business and the personal and social circumstances underlying their priorities and behaviors.

    Activity: Create a stakeholder profile

    30-60 minutes

    2.1.0 Understand stakeholder's business context

    Create a profile for each of your priority stakeholders to document their business context. Review all the information collected to understand their mandate, core accountability, and business capabilities. The context in which individuals operate is a window into the motivations, pressures, and vested interests that will influence the intersectionality between their expectations and yours.

    2.1.1 Document Observable Challenges as Private Notes

    Crushing demands and competing priorities can lead to tension and stress as people jockey to safeguard their time. Identify some observable challenges to create greater situational awareness. Possible underlying factors:

    • Sudden shifts/changes in mandate
    • Performance (operations, projects)
    • Finance
    • Resource and talent gaps
    • Politics
    • Personal circumstances
    • Capability gaps/limitations
    • Capacity challenges

    A diagram that shows considerations of this activity.

    Analyze Stakeholder's Work Style

    Adapt communication styles to the situational context in which your stakeholders operate

    2.2 Determine the ideal approach for engaging each stakeholder

    Each stakeholder has a preferred modality of working which is further influenced by dynamic situations. Some prefer to meet frequently to collaborate on solutions while others prefer to analyze data in solitude before presenting information to substantiate recommendations. However, fostering trust requires:

    1. Understanding your preferred default when engaging others.
    2. Knowing where you need to expand your skills.
    3. Identifying which skills to activate for different professional scenarios.

    Adapting your communication style to create productive interactions will require a diverse arsenal of interpersonal skills that you can draw upon as situations shift. The ability to adapt your work style to dial any specific trait up or down will help to increase your powers of persuasion and influence.

    "There are only two ways to influence human behavior: you can manipulate it, or you can inspire it." – Simon Sinek

    Activity: Identify Engagement Strategies

    30 minutes

    2.2.0 Establish work styles

    Every individual has a preferred style of working. Determine work styles starting with self-awareness:

    • Express myself - How you communicate and interact with others
    • Expression by others - How you want others to communicate and interact with you

    Through observation and situational awareness, we can make inferences about people's work style.

    • Observations - Observable traits of other people's work style
    • Situations - Personal and professional circumstances that influence how we communicate and interact with one another

    Where appropriate and when opportunities arise, ask individuals directly about their preferred work styles and method for communication. What is their preferred method of communication? During a normal course of interaction vs. for urgent priorities?

    2.2.1 Brainstorm possible engagement strategies

    Consider the following when brainstorming engagement strategies for different work styles.

    A table of involvement, influence, and connection.

    Think engagement strategies in different professional scenarios:

    • Meetings - Where and how you connect
    • Communicating - How and what you communicate to create connection
    • Collaborating - What degree of involved in shared activities
    • Persuading - How you influence or direct others to get things done

    Expand New Interpersonal Skills

    Use the Business Archetypes to brainstorm possible approaches for engaging with different work styles. Additional communication and engagement tactics may need to be considered based on circumstances and changing situations.

    A diagram that shows business archetypes and engagement strategies.

    Communicate Effectively

    Productive communication is a dialogue that requires active listening, tailoring messages to fluid situations, and seeking feedback to adapt.

    A diagram of elements that contributes to better align intention and impact

    Be Relevant

    • Understand why you need to communicate
    • Determine what you need to convey
    • Tailor your message to what matters to the audience and their context
    • Identify the most appropriate medium based on the situation

    Be Consistent and Accurate

    • Say what you mean and mean what you say to avoid duplicity
    • Information should be accurate and complete
    • Communicate truthfully; do not make false promises or hide bad news
    • Don't gossip

    Be Clear and Concise

    • Keep it simple and avoid excessive jargon
    • State asks upfront to set intention and transparency
    • Avoid ambiguity and focus on outcomes over details
    • Be brief and to the point or risk losing stakeholder's attention

    Be Attentive and Authentic

    • Stay engaged and listen actively
    • Be curious and inquire for clarification or explanation
    • Be flexible to adapt to both verbal and non-verbal cues
    • Be authentic in your approach to sharing yourself
    • Avoid "canned" approaches

    A diagram of listen, observe, reflect.


    "Good communication is the bridge between confusion and clarity."– Nat Turner (LinkedIn, 2020)

    Exemplar: Engaging With Jane

    A diagram that shows Exemplar: Engaging With Jane

    Exemplar: Engaging With Ali

    A diagram that shows Exemplar: Engaging With Ali

    Develop an Action Plan

    Moving from intent to action requires a plan to ensure you stay committed through the peaks and troughs.

    Create Your 120-Day Plan

    An action plan example

    Key elements of the action plan:

    • Strategic priorities – Your top focus
    • Objective – Your goals
    • 30-60-90-120 Day Topics – Key agenda items
    • Meeting Progress Notes – Key takeaways from meetings
    • Private Notes – Confidential observations

    Investing in relationships is a long-term process. You need to accumulate enough trust to trade or establish coalitions to expand your sphere of influence. Even the strongest of professional ties will have their bouts of discord. To remain committed to building the relationship during difficult periods, use an action plan that helps you stay grounded around:

    • Shared purpose
    • Removing emotion from the situation
    • Continuously learning from every interaction

    Photo of Angela Diop
    "Make intentional actions to set intentionality. Plans are good to keep you grounded and focused especially when relationship go through ups and down and there are changes: to new people and new relationships."
    – Angela Diop, Senior Director, Executive Services, Info-Tech & former VP of Information Services with Unity Health Care

    Activity: Design a Tailored Action Plan

    30-60 minutes

    3.1.0 Determine your personal expectations

    Establish your personal goals and expectations around what you are seeking from the relationship. Determine the strength of your current connection and identify where you want to move the relationship across the continuum of commitment.

    Use insights from your stakeholder's profile to explore their span of influence and degree of interest in supporting your strategic priorities.

    3.1.1 Determine what you want from the relationship

    Based on your personal goals, identify where you want to move the relationship across the continuum of commitment: What are you hoping to achieve from the relationship? How will this help create a win/win situation for both you and the key stakeholder?

    A diagram of Continuum of Commitment.

    3.1.2 Identify your metrics for progress

    Fostering relationships take time and commitment. Utilizing metrics or personal success criteria for each of your focus areas will help you stay on track and find opportunities to make each engagement valuable instead of being transactional.

    A graph that shows influence vs interest.

    Make your action plan impactful

    Level of Connection

    The strength of the relationship will help inform the level of time and effort needed to achieve your goals.

    • Is this a new or existing relationship?
    • How often do you connect with this individual?
    • Are the connections driven by a shared purpose or transactional as needs arise?

    Focus on Relational Value

    Cultivate your network and relationship with the goal of building emotional connection, understanding, and trust around your shared purpose and organization's vision through regular dialogue. Be mindful of transactional exchanges ("quid pro quo") to be strategic about its use. Treat every interaction as equally important regardless of agenda, duration, or channel of communication.

    Plan and Prepare

    Everyone's time is valuable, and you need to come prepared with a clear understanding of why you are engaging. Think about the intentionality of the conversation:

    • Gain buy-in
    • Create transparency
    • Specific ask
    • Build trust and respect
    • Provide information to clarify, clear, or contain a situation

    Non-Verbal Communication Matters

    Communication is built on both overt expressions and subtext. While verbal communication is the most recognizable form, non-lexical components of verbal communication (i.e. paralanguage) can alter stated vs. intended meaning. Engage with the following in mind:

    • Tone, pitch, speed, and hesitation
    • Facial expressions and gestures
    • Choice of channel for engagement

    Exemplar: Action Plan for VP, Digital

    A diagram that shows Exemplar: Action Plan for VP, Digital

    Make Relationship Management a Daily Habit

    Management plans are living documents and need to be flexible to adapt to changes in stakeholder context.

    Monitor and Adjust to Communicate Strategically

    A diagram that shows Principles for Effective Communication and Key Measures

    Building trust takes time and commitment. Treat every conversation with your key stakeholders as an investment in building the social capital to expand your span of influence when and where you need it to go. This requires making relationship management a daily habit. Action plans need to be a living document that is your personal journal to document your observations, feelings, and actions. Such a plan enables you to make constant adjustments along the relationship journey.

    "Without involvement, there is no commitment. Mark it down, asterisk it, circle it, underline it."– Stephen Convey (LinkedIn, 2016)

    Capture some simple metrics

    If you can't measure your actions, you can't manage the relationship.

    An example of measures: what, why, how - metrics, and intended outcome.

    While a personal relationship journal is not a formal performance management tool, identifying some tangible measures will improve the likelihood of aligning your intent with outcomes. Good measures will help you focus your efforts, time, and resources appropriately.

    Keep the following in mind:

    1. WHAT are you trying to measure?
      Specific to the situation or scenario
    2. WHY is this important?
      Relevant to your personal goals
    3. HOW will you measure?
      Achievable and quantifiable
    4. WHAT will the results tell you?
      Intended outcome that is directional

    Summary of accomplishments

    Knowledge Gained

    • Relationship management is critical to a CIO's success
    • A personal relationship journal will help build:
      • Customized approach to engaging stakeholders
      • New communication skills to adapt to different work styles

    New Concepts

    • Work style assessment framework and engagement strategies
    • Effective communication strategies
    • Continuum of commitment to establish personal goals

    Approach to Creating a Personal Journal

    • Step-by-step approach to create a personal journal
    • Key elements for inclusion in a journal
    • Exemplar and recommendations

    Related Info-Tech Research

    Photo of Tech Trends and Priorities Research Centre

    Tech Trends and Priorities Research Centre

    Access Info-Tech's Tech Trend reports and research center to learn about current industry trends, shifts in markets, and disruptions that are impacting your industry and sector. This is a great starting place to gain insights into how the ecosystem is changing your business and the role of IT within it.

    Photo of Embed Business Relationship Management in IT

    Embed Business Relationship Management in IT

    Create a business relationship management (BRM) function in your program to foster a more effective partnership with the business and drive IT's value to the organization.

    Photo of Become a Transformational CIO

    Become a Transformational CIO

    Collaborate with the business to lead transformation and leave behind a legacy of growth.

    Appendix: Framework

    Content:

    • Adaptation of DiSC profile assessment
    • DiSC Profile Assessment
    • FIRO-B Framework
    • Experience Cube

    Info-Tech's Adaption of DiSC Assessment

    A diagram of business archetypes

    Info-Tech's Business Archetypes was created based on our analysis of the DiSC Profile and Myers-Briggs FIRO-B personality assessment tools that are focused on assessing interpersonal traits to better understand personalities.

    The adaptation is due in part to Info-Tech's focus on not designing a personality assessment tool as this is neither the intent nor the expertise of our services. Instead, the primary purpose of this adaptation is to create a simple framework for our members to base their observations of behavioral cues to identify appropriate communication styles to better interact with key stakeholders.

    Cautionary note:
    Business archetypes are personas and should not be used to label, make assumptions and/or any other biased judgements about individual personalities. Every individual has all elements and aspects of traits across various spectrums. This must always remain at the forefront when utilizing any type of personality assessments or frameworks.

    Click here to learn about DiSC Profile
    Click here learn about FIRO-B
    Click here learn about Experience Cube

    DiSC Profile Assessment

    A photo of DiSC Profile Assessment

    What is DiSC?

    DisC® is a personal assessment tool that was originally developed in 1928 by psychologist William Moulton Marston, who designed it to predict job performance. The tool has evolved and is now widely used by thousands of organizations around the world, from large government agencies and Fortune 500 companies to nonprofit and small businesses, to help improve teamwork, communication, and productivity in the workplace. The tool provides a common language people can use to better understand themselves and those they interact with - and use this knowledge to reduce conflict and improve working relationships.

    What does DiSC mean?

    DiSC is an acronym that stands for the four main personality profiles described in the Everything DiSC model: (D)ominance, (i)nfluence, (S)teadiness, (C)onscientiousness

    People with (D) personalities tend to be confident and emphasize accomplishing bottom-line results.
    People with (i) personalities tend to be more open and emphasize relationships and influencing or persuading others.
    People with (S) personalities tend to be dependable and emphasize cooperation and sincerity.
    People with (C) personalities tend to emphasize quality, accuracy, expertise, and competency.

    Go to this link to explore the DiSC styles

    FIRO-B® – Interpersonal Assessment

    A diagram of FIRO framework

    What is FIRO workplace relations?

    The Fundamental Interpersonal Relations Orientation Behavior (FIRO-B®) tool has been around for forty years. The tool assesses your interpersonal needs and the impact of your behavior in the workplace. The framework reveals how individuals can shape and adapt their individual behaviors, influence others effectively, and build trust among colleagues. It has been an excellent resource for coaching individuals and teams about the underlying drivers behind their interactions with others to effectively build successful working relationships.

    What does the FIRO framework measure?

    The FIRO framework addresses five key questions that revolve around three interpersonal needs. Fundamentally, the framework focuses on how you want to express yourself toward others and how you want others to behave toward you. This interaction will ultimately result in the universal needs for (a) inclusion, (b) control, and (c) affection. The insights from the results are intended to help individuals adjust their behavior in relationships to get what they need while also building trust with others. This will allow you to better predict and adapt to different situations in the workplace.

    How can FIRO influence individual and team performance in the workplace?

    FIRO helps people recognize where they may be giving out mixed messages and prompts them to adapt their exhibited behaviors to build trust in their relationships. It also reveals ways of improving relationships by showing individuals how they are seen by others, and how this external view may differ from how they see themselves. Using this lens empowers people to adjust their behavior, enabling them to effectively influence others to achieve high performance.

    In team settings, it is a rich source of information to explore motivations, underlying tensions, inconsistent behaviors, and the mixed messages that can lead to mistrust and derailment. It demonstrates how people may approach teamwork differently and explains the potential for inefficiencies and delays in delivery. Through the concept of behavioral flexibility, it helps defuse cultural stereotypes and streamline cross-cultural teams within organizations.

    Go to this link to explore FIRO-B for Business

    Experience Cube

    A diagram of experience cube model.

    What is an experience cube?

    The Experience Cube model was developed by Gervase Bushe, a professor of Leadership and Organization at the Simon Fraser University's school of Business and a thought leader in the field of organizational behavior. The experience cube is intended as a tool to plan and manage conversations to communicate more effectively in the moment. It does this by promoting self-awareness to better reduce anxiety and adapt to evolving and uncertain situations.

    How does the experience cube work?

    Using the four elements of the experience cube (Observations, Thoughts, Feelings, and Wants) helps you to separate your experience with the situation from your potential judgements about the situation. This approach removes blame and minimizes defensiveness, facilitating a positive discussion. The goal is to engage in a continuous internal feedback loop that allows you to walk through all four quadrants in the moment to help promote self-awareness. With heightened self-awareness, you may (1) remain curious and ask questions, (2) check-in for understanding and clarification, and (3) build consensus through agreement on shared purpose and next steps.

    Observations: Sensory data (information you take in through your senses), primarily what you see and hear. What a video camera would record.

    Thoughts: The meaning you add to your observations (i.e. the way you make sense of them, including your beliefs, expectations, assumptions, judgments, values, and principles). We call this the "story you make up."

    Feelings: Your emotional or physiological response to the thoughts and observations. Feelings words such as sad, mad, glad, scared, or a description of what is happening in your body.

    Wants: Clear description of the outcome you seek. Wants go deeper than a simple request for action. Once you clearly state what you want, there may be different ways to achieve it.

    Go to this link to explore more: Experience Cube

    Research Contributors and Experts

    Photo of Joanne Lee
    Joanne Lee
    Principal, Research Director, CIO Advisory
    Info-Tech Research Group

    Joanne is a professional executive with over twenty-five years of experience in digital technology and management consulting spanning healthcare, government, municipal, and commercial sectors across Canada and globally. She has successfully led several large, complex digital and business transformation programs. A consummate strategist, her expertise spans digital and technology strategy, organizational redesign, large complex digital and business transformation, governance, process redesign, and PPM. Prior to joining Info-Tech Research Group, Joanne was a Director with KPMG's CIO Advisory management consulting services and the Digital Health practice lead for Western Canada. She brings a practical and evidence-based approach to complex problems enabled by technology.

    Joanne holds a Master's degree in Business and Health Policy from the University of Toronto and a Bachelor of Science (Nursing) from the University of British Columbia.



    Photo of Gord Harrison
    Gord Harrison
    Senior Vice President, Research and Advisory
    Info-Tech Research Group

    Gord Harrison, SVP, Research and Consulting, has been with Info-Tech Research Group since 2002. In that time, Gord leveraged his experience as the company's CIO, VP Research Operations, and SVP Research to bring the consulting and research teams together under his current role, and to further develop Info-Tech's practical, tactical, and value-oriented research product to the benefit of both organizations.

    Prior to Info-Tech, Gord was an IT consultant for many years with a focus on business analysis, software development, technical architecture, and project management. His background of educational game software development, and later, insurance industry application development gave him a well-rounded foundation in many IT topics. Gord prides himself on bringing order out of chaos and his customer-first, early value agile philosophy keeps him focused on delivering exceptional experiences to our customers.



    Photo of Angela Diop
    Angela Diop
    Senior Director, Executive Services
    Info-Tech Research Group

    Angela has over twenty-five years of experience in healthcare, as both a healthcare provider and IT professional. She has spent over fifteen years leading technology departments and implementing, integrating, managing, and optimizing patient-facing and clinical information systems. She believes that a key to a healthcare organization's ability to optimize health information systems and infrastructure is to break the silos that exist in healthcare organizations.

    Prior to joining Info-Tech, Angela was the Vice President of Information Services with Unity Health Care. She has demonstrated leadership and success in this area by fostering environments where business and IT collaborate to create systems and governance that are critical to providing patient care and sustaining organizational health.

    Angela has a Bachelor of Science in Systems Engineering and Design from the University of Illinois and a Doctorate of Naturopathic Medicine from Bastyr University. She is a Certified CIO with the College of Healthcare Information Management Executives. She is a two-time Health Information Systems Society (HIMSS) Davies winner.



    Photo of Edison Barreto
    Edison Barreto
    Senior Director, Executive Services
    Info-Tech Research Group

    Edison is a dynamic technology leader with experience growing different enterprises and changing IT through creating fast-paced organizations with cultural, modernization, and digital transformation initiatives. He is well versed in creating IT and business cross-functional leadership teams to align business goals with IT modernization and revenue growth. Over twenty-five years of Gaming, Hospitality, Retail, and F&B experience has given him a unique perspective on guiding and coaching the creation of IT department roadmaps to focus on business needs and execute successful changes.

    Edison has broad business sector experience, including:
    Hospitality, Gaming, Sports and Entertainment, IT policy and oversight, IT modernization, Cloud first programs, R&D, PCI, GRDP, Regulatory oversight, Mergers acquisitions and divestitures.



    Photo of Mike Tweedie
    Mike Tweedie
    Practice Lead, CIO Strategy
    Info-Tech Research Group

    Michael Tweedie is the Practice Lead, CIO – IT Strategy at Info-Tech Research Group, specializing in creating and delivering client-driven, project-based, practical research, and advisory. He brings more than twenty-five years of experience in technology and IT services as well as success in large enterprise digital transformations.

    Prior to joining Info-Tech, Mike was responsible for technology at ADP Canada. In that role, Mike led several large transformation projects that covered core infrastructure, applications, and services and worked closely with and aligned vendors and partners. The results were seamless and transparent migrations to current services, like public cloud, and a completely revamped end-user landscape that allowed for and supported a fully remote workforce.

    Prior to ADP, Mike was the North American Head of Engineering and Service Offerings for a large French IT services firm, with a focus on cloud adoption and complex ERP deployment and management; he managed large, diverse global teams and had responsibilities for end-to-end P&L management.

    Mike holds a Bachelor's degree in Architecture from Ryerson University.



    Photo of Carlene McCubbin
    Carlene McCubbin
    Practice Lead, People and Leadership
    Info-Tech Research Group

    Carlene McCubbin is a Research Lead for the CIO Advisory Practice at Info-Tech Research Group covering key topics in operating models & design, governance, and human capital development.

    During her tenure at Info-Tech, Carlene has led the development of Info-Tech's Organization and Leadership practice and worked with multiple clients to leverage the methodologies by creating custom programs to fit each organization's needs.

    Before joining Info-Tech, Carlene received her Master of Communications Management from McGill University, where she studied development of internal and external communications, government relations, and change management. Her education honed her abilities in rigorous research, data analysis, writing, and understanding the organization holistically, which has served her well in the business IT world.



    Photo of Anubhav Sharma
    Anubhav Sharma
    Research Director, CIO Strategy
    Info-Tech Research Group

    Anubhav is a digital strategy and execution professional with extensive experience in leading large-scale transformation mandates for organizations both in North America and globally, including defining digital strategies for leading banks and spearheading a large-scale transformation project for a global logistics pioneer across ten countries. Prior to joining Info-Tech Research Group, he held several industry and consulting positions in Fortune 500 companies driving their business and technology strategies. In 2023, he was recognized as a "Top 50 Digital Innovator in Banking" by industry peers.

    Anubhav holds an MBA in Strategy from HEC Paris, a Master's degree in Finance from IIT-Delhi, and a Bachelor's degree in Engineering.



    Photo of Kim Osborne-Rodriguez
    Kim Osborne-Rodriguez
    Research Director, CIO Strategy
    Info-Tech Research Group

    Kim is a professional engineer and Registered Communications Distribution Designer (RCDD) with over a decade of experience in management and engineering consulting spanning healthcare, higher education, and commercial sectors. She has worked on some of the largest hospital construction projects in Canada, from early visioning and IT strategy through to design, specifications, and construction administration. She brings a practical and evidence-based approach to digital transformation, with a track record of supporting successful implementations.

    Kim holds a Bachelor's degree in Mechatronics Engineering from University of Waterloo.



    Photo of Amanda Mathieson
    Amanda Mathieson
    Research Director, People and Leadership
    Info-Tech Research Group

    Amanda joined Info-Tech Research Group in 2019 and brings twenty years of expertise working in Canada, the US, and globally. Her expertise in leadership development, organizational change management, and performance and talent management comes from her experience in various industries spanning pharmaceutical, retail insurance, and financial services. She takes a practical, experiential approach to people and leadership development that is grounded in adult learning methodologies and leadership theory. She is passionate about identifying and developing potential talent, as well as ensuring the success of leaders as they transition into more senior roles.

    Amanda has a Bachelor of Commerce degree and Master of Arts in Organization and Leadership Development from Fielding Graduate University, as well as a post-graduate diploma in Adult Learning Methodologies from St. Francis Xavier University. She also has certifications in Emotional Intelligence – EQ-i 2.0 & 360, Prosci ADKAR® Change Management, and Myers-Briggs Type Indicator Step I and II.

    Bibliography

    Bacey, Christopher. "KPMG/Harvey Nash CIO Survey finds most organizations lack enterprise-wide digital strategy." Harvey Nash/KPMG CIO Survey. Accessed Jan. 6, 2023. KPMG News Perspective - KPMG.us.com

    Calvert, Wu-Pong Susanna. "The Importance of Rapport. Five tips for creating conversational reciprocity." Psychology Today Magazine. June 30, 2022. Accessed Feb. 10, 2023. psychologytoday.com/blog

    Coaches Council. "14 Ways to Build More Meaningful Professional Relationships." Forbes Magazine. September 16, 2020. Accessed Feb. 20, 2023. forbes.com/forbescoachescouncil

    Council members. "How to Build Authentic Business Relationships." Forbes Magazine. June 15, 2021. Accessed Jan. 15, 2023. Forbes.com/business council

    Deloitte. "Chief Information Officer (CIO) Labs. Transform and advance the role of the CIO." The CIO program. Accessed Feb. 5, 2021.

    Dharsarathy, Anusha et al. "The CIO challenge: Modern business needs a new kind of tech leader." McKinsey and Company. January 27, 2020. Accessed Feb 2023. Mckinsey.com

    DiSC profile. "What is DiSC?" DiSC Profile Website. Accessed Feb. 5, 2023. discprofile.com

    FIRO Assessment. "Better working relationships". Myers Brigg Website. Resource document downloaded Feb. 10, 2023. myersbriggs.com/article

    Fripp, Patricia. "Frippicisms." Website. Accessed Feb. 25, 2023. fripp.com

    Grossman, Rhys. "The Rise of the Chief Digital Officer." Russell Reynolds Insights, January 1, 2012. Accessed Jan. 5, 2023. Rise of the Chief Digital Officer - russellreynolds.com

    Kambil, Ajit. "Influencing stakeholders: Persuade, trade, or compel." Deloitte Article. August 9, 2017. Accessed Feb. 19, 2023. www2.deloitte.com/insights

    Kambil, Ajit. "Navigating the C-suite: Managing Stakeholder Relationships." Deloitte Article. March 8, 2017. Accessed Feb. 19, 2023. www2.deloitte.com/insights

    Korn Ferry. "Age and tenure in the C-suite." Kornferry.com. Accessed Jan. 6, 2023. Korn Ferry Study Reveals Trends by Title and Industry

    Kumthekar, Uday. "Communication Channels in Project". Linkedin.com, 3 March 2020. Accessed April 27, 2023. Linkedin.com/Pulse/Communication Channels

    McWilliams, Allison. "Why You Need Effective Relationships at Work." Psychology Today Magazine. May 5, 2022. Accessed Feb. 11, 2023. psychologytoday.com/blog

    McKinsey & Company. "Why do most transformations fail? A conversation with Harry Robinson." Transformation Practice. July 2019. Accessed Jan. 10, 2023. Mckinsey.com

    Mind Tools Content Team. "Building Good Work Relationships." MindTools Article. Accessed Feb. 11, 2023. mindtools.com/building good work relationships

    Pratt, Mary. "Why the CIO-CFO relationship is key to digital success." TechTarget Magazine. November 11, 2021. Accessed Feb. 2023. Techtarget.com

    LaMountain, Dennis. "Quote of the Week: No Involvement, No Commitment". Linkedin.com, 3 April 2016. Accessed April 27, 2023. Linkedin.com/pulse/quote-week-involvement

    PwC Pulse Survey. "Managing Business Risks". PwC Library. 2022. Accessed Jan. 30, 2023. pwc.com/pulse-survey

    Rowell, Darin. "3 Traits of a Strong Professional Relationship." Harvard Business Review. August 8, 2019. Accessed Feb. 20, 2023. hbr.org/2019/Traits of a strong professional relationship

    Sinek, Simon. "The Optimism Company from Simon Sinek." Website. Image Source. Accessed, Feb. 21, 2023. simonsinek.com

    Sinek, Simon. "There are only two ways to influence human behavior: you can manipulate it or you can inspire it." Twitter. Dec 9, 2022. Accessed Feb. 20, 2023. twitter.com/simonsinek

    Whitbourne, Susan Krauss. "10 Ways to Measure the Health of Relationship." Psychology Today Magazine. Aug. 7, 2021. Accessed Jan. 30, 2023. psychologytoday.com/blog

    Implement Software Asset Management

    • Buy Link or Shortcode: {j2store}313|cart{/j2store}
    • member rating overall impact (scale of 10): 9.3/10 Overall Impact
    • member rating average dollars saved: $107,154 Average $ Saved
    • member rating average days saved: 39 Average Days Saved
    • Parent Category Name: Asset Management
    • Parent Category Link: /asset-management
    • Organizations are aware of the savings that result from implementing software asset management (SAM), but are unsure of where to start the process.
    • Poor data capture procedures and lack of a centralized repository produce an incomplete picture of software assets and licenses, preventing accurate forecasting and license optimization.
    • Audit protocols are ad hoc, resulting in sloppy reporting and time-consuming work and lack of preparedness for external software audits.

    Our Advice

    Critical Insight

    • A strong SAM program will benefit all aspects of the business. Data and reports gained through SAM will enable data-driven decision making for all areas of the business.
    • Don’t just track licenses; manage them to create value from data. Gathering and monitoring license data is just the beginning. What you do with that data is the real test.
    • Win the audit battle without fighting. Conduct internal audits to minimize surprises when external audits are requested.

    Impact and Result

    • Conduct a current state assessment of existing SAM processes to form an appropriate plan for implementing or improving your SAM program.
    • Define standard policies, processes, and procedures for each stage of the software asset lifecycle, from procurement through to retirement.
    • Develop an internal audit policy to mitigate the risk of costly external audits.

    Implement Software Asset Management Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should implement software asset management, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess & plan

    Assess current state and plan the scope of the SAM program, team, and budget.

    • Implement Software Asset Management – Phase 1: Assess & Plan
    • SAM Maturity Assessment
    • SAM Standard Operating Procedures
    • SAM Budget Workbook

    2. Procure, receive & deploy

    Define processes for software requests, procurement, receiving, and deployment.

    • Implement Software Asset Management – Phase 2: Procure, Receive & Deploy
    • SAM Process Workflows (Visio)
    • SAM Process Workflows (PDF)

    3. Manage, redeploy & retire

    Define processes for software inventory, maintenance, harvest and redeployment, and retirement.

    • Implement Software Asset Management – Phase 3: Manage, Redeploy & Retire
    • Patch Management Policy

    4. Build supporting processes

    Build processes for audits and plan the implementation.

    • Implement Software Asset Management – Phase 4: Build Supporting Processes & Tools
    • Software Audit Scoping Email Template
    • Software Audit Launch Email Template
    • SAM Communication Plan
    • SAM FAQ Template
    • Software Asset Management Policy
    [infographic]

    Workshop: Implement Software Asset Management

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Assess & Plan

    The Purpose

    Assess current state and plan the scope of the SAM program, team, and budget.

    Key Benefits Achieved

    Current state assessment

    Defined roles and responsibilities

    SAM budget plan

    Activities

    1.1 Outline SAM challenges and objectives.

    1.2 Assess current state.

    1.3 Identify roles and responsibilities for SAM team.

    1.4 Identify metrics and reports.

    1.5 Identify SAM functions to centralize vs. decentralize.

    1.6 Plan SAM budget process.

    Outputs

    Current State Assessment

    RACI Chart

    Defined metrics and reports

    SAM Budget Workbook

    2 Procure, Receive & Deploy

    The Purpose

    Define processes for software requests, procurement, receiving, and deployment.

    Key Benefits Achieved

    Defined standards for software procurement

    Documented processes for software receiving and deployment

    Activities

    2.1 Determine software standards.

    2.2 Define procurement process for new contracts.

    2.3 Define process for contract renewals and additional procurement scenarios.

    2.4 Design process for receiving software.

    2.5 Design deployment workflow.

    2.6 Define process for non-standard software requests.

    Outputs

    Software standards

    Standard Operating Procedures

    SAM Process Workflows

    3 Manage, Redeploy & Retire

    The Purpose

    Define processes for software inventory, maintenance, harvest and redeployment, and retirement.

    Key Benefits Achieved

    Defined process for conducting software inventory

    Maintenance and patch policy

    Documented workflows for software harvest and redeployment as well as retirement

    Activities

    3.1 Define process for conducting software inventory.

    3.2 Define policies for software maintenance and patches.

    3.3 Map software license harvest and reallocation process.

    3.4 Define policy for retiring software.

    Outputs

    Standard Operating Procedures

    Patch management policy

    SAM Process Workflows

    4 Build Supporting Processes & Tools

    The Purpose

    Build processes for audits, identify tool requirements, and plan the implementation.

    Key Benefits Achieved

    Defined process for internal and external audits

    Tool requirements

    Communication and implementation plan

    Activities

    4.1 Define and document the internal audit process.

    4.2 Define and document the external audit process.

    4.3 Document tool requirements.

    4.4 Develop a communication plan.

    4.5 Prepare an FAQ list.

    4.6 Identify SAM policies.

    4.7 Develop a SAM roadmap to plan your implementation.

    Outputs

    Audit response templates

    Tool requirements

    Communication plan

    End-user FAQ list

    Software Asset Management Policy

    Implementation roadmap

    Further reading

    Implement Software Asset Management

    Go beyond tracking licenses to proactively managing software throughout its lifecycle.

    Table of contents

    1. Title
    2. Executive Brief
    3. Execute the Project/DIY Guide
    4. Next Steps
    5. Appendix

    Analyst Perspective

    “Organizations often conflate software asset management (SAM) with license tracking. SAM is not merely knowing how many licenses you require to be in compliance; it’s asking the deeper budgetary questions to right-size your software spend.

    Software audits are a growing concern for businesses, but proactive reporting and decision making supported by quality data will mitigate audit risks. Value is left on the table through underused or poor-quality data, so active data management must be in play. A dedicated ITAM tool can assist with extracting value from your license data.

    Achieving an optimized SAM program is a transformative effort, but the people, processes, and technology need to be in place before that can happen.” (Sandi Conrad, Senior Director, Infrastructure & Operations Practice, Info-Tech Research Group)

    Software license complexity and audit frequency are increasing: are you prepared to manage the risk?

    This Research Is Designed For:

    • CIOs that want to improve IT’s reputation with the business.
    • CIOs that want to eliminate the threat of a software audit.
    • Organizations that want proactive reporting that benefits the entire business.
    • IT managers who want visibility into their software usage.

    This Research Will Help You:

    • Establish a standardized software management process.
    • Track and manage software throughout its lifecycle, from procurement through to retirement or redeployment.
    • Rationalize your software license estate.
    • Improve your negotiations with software vendors.
    • Improve the quality of your SAM data gathering and reporting.

    Executive summary

    Situation

    • Organizations are aware of the savings that result from implementing software asset management (SAM), but are unsure of where to start the process. With no formal standards in place for managing licenses, organizations are constantly at risk for costly software audits and poorly executed software spends.

    Complication

    • Poor data-capture procedures produce an incomplete picture of software lifecycles.
    • No centralized repository exists, resulting in fragmented reporting.
    • Audit protocols are ad hoc, resulting in sloppy reporting and time-consuming work.

    Resolution

    • Conduct a current state assessment of existing SAM processes to form an appropriate plan for implementing or improving your SAM program.
    • Build and involve a SAM team in the process from the beginning to help embed the change.
    • Define standard policies, processes, and procedures for each stage of the software asset lifecycle, from procurement through to retirement. Pace yourself; a staged implementation will make your ITAM program a success.
    • Develop an internal audit program to mitigate the risk of costly audits.
    • Once a standardized SAM program and data are in place, you will be able to use the data to optimize and rationalize your software licenses.

    Info-Tech Insight

    A strong SAM program will benefit all aspects of the business.
    Data and reports gained through SAM will enable data-driven decision making for all areas of the business.

    Don’t just track licenses; manage them to create value from data.
    Gathering and monitoring license data is just the beginning. What you do with that data is the real test.

    Win the audit battle without fighting.
    Conduct internal audits to minimize surprises when external audits are requested.

    Build the business case for SAM on cost and risk avoidance

    You can estimate the return even without tools or data.

    Benefit Calculate the return
    Compliance

    How many audits did you have in the past three years?

    How much time did you spend in audit response?

    Suppose you had two audits each year for the last three years, each with an average $250,000 in settlements.

    A team of four with an average salary of $75,000 each took six months to respond each year, allocating 20% of their work time to the audit.

    You could argue annual audits cost on average $530,000. Increasing ITAM maturity stands to reduce that cost significantly.

    Efficiency

    How much do you spend on software and maintenance by supplier?

    Suppose you spent $1M on software last year. What if you could reduce the spend by just 10% through better practices?

    SAM can help reduce the annual spend by simplifying support, renegotiating contracts based on asset data, reducing redundancy, and reducing spend.

    The Business Benefits of SAM

    • Compliance: Managing audits and meeting legal, contractual, and regulatory obligations.
    • Efficiency: Reducing costs and making the best use of assets while maintaining service.
    • Agility: Anticipate requirements using asset data for business intelligence and analytics.

    Poor software asset management practices increase costs and risks

    Failure to implement SAM can lead to:

    High cost of undiscovered IT assets
    • Needless procurement of software for new hires can be costly.
    Licensing, liability, and legal violations
    • Legal actions and penalties that result from ineffective SAM processes and license incompliance can severely impact an organization’s financial performance and corporate brand image.
    Compromised security
    • Not knowing what assets you have, who is using them and how, can compromise the security of sensitive information.
    Increased management costs
    • Not having up-to-date software license information impacts decision making, with many management teams failing to respond quickly and efficiently to operational demands.
    Increased disruptions
    • Vendors seek out organizations who don’t manage their software assets effectively; it is likely that you could be subject to major operational disruptions as a result of an audit.
    Poor supplier/vendor relationship
    • Most organizations fear communicating with vendors and are anxious about negotiating new licenses.

    54% — A study by 1E found that only 54% of organizations believe they can identify all unused software in their organization.

    28% — On average, 28% of deployed software is unused, with a wasted cost of $224 per PC on unused software (1E, 2014).

    53% — Express Metrix found that 53% of organizations had been audited within the past two years. Of those, 72% had been audited within the last 12 months.

    SAM delivers cost savings beyond the procurement stage

    SAM delivers cost savings in several ways:

    • Improved negotiating position
      • Certainty around software needs and licensing terms can put the organization in a better negotiating position for new contracts or contract renewals.
    • Improved purchasing position
      • Centralized procurement can allow for improved purchasing agreements with better pricing.
    • More accurate forecasting and spend
      • With accurate data on what software is installed vs. used, more accurate decisions can be made around software purchasing needs and budgeting.
    • Prevention of over deployment
      • Deploy software only where it is needed based on what end users actively use.
    • Software rationalization
      • SAM data may reveal multiple applications performing similar functions that can be rationalized into a single standard software that is used across the enterprise.
    • License harvesting
      • Identify unused licenses that can be harvested and redeployed to other users rather than purchasing new licenses.

    SAM delivers many benefits beyond cost savings

    Manage risk. If licensing terms are not properly observed, the organization is at risk of legal and financial exposure, including illegal software installation, loss of proof of licenses purchased, or breached terms and conditions.

    Control and predict spend. Unexpected problems related to software assets and licenses can significantly impact cash flow.

    Less operational interruptions. Poor software asset management processes could lead to failed deployments, software update interruptions, viruses, or a shutdown of unlicensed applications.

    Avoid security breaches. If data is not secure through software patches and security, confidential information may be disclosed.

    More informed decisions. More accurate data on software assets improves transparency and informs decision making.

    Improved contract management. Automated tools can alert you to when contracts are up for renewal to allow time to plan and negotiate, then purchase the right amount of licenses.

    Avoid penalties. Conduct internal audits and track compliance to avoid fees or penalties if an external audit occurs.

    Reduced IT support. Employees should require less support from the service desk with proper, up to date, licensed software, freeing up time for IT Operations to focus on other work.

    Enhanced productivity. By rationalizing and standardizing software offerings, more staff should be using the same software with the same versioning, allowing for better communication and collaboration.

    Asset management is especially correlated with the following processes

    Being highly effective at asset management means that you are more likely to be highly effective at almost all IT processes, especially:

    Icon for process 'BAI10 Configuration Management'. Configuration Management
    76% more effective
    Icon for process 'ITRG03 Manage Service Catalogs'. Service Catalog
    74% more effective
    Icon for process 'APO11 Quality Management'. Quality Management
    63% more effective
    Icon for process 'ITRG08 Data Quality'. Data Quality
    62% more effective
    Icon for process 'MEA01 Performance Measurement'. Performance Measurement
    61% more effective
    Icon for process 'BAI05 Organizational Change Management'. Organizational Change Management
    60% more effective
    Icon for process 'APO05 Portfolio Management'. Portfolio Management
    59% more effective
    Icon for process 'APO03 Enterprise Architecture'. Enterprise Architecture
    58% more effective

    Why? Good SAM processes are integral to both service management and configuration management

    (Source: Info-Tech Research Group, IT Management and Governance Diagnostic; N=972 organizations) (High asset management effectiveness was defined as those organizations with an effectiveness score of 8 or above.)

    To accelerate progress, Info-Tech Research Group parses software asset management into its essential processes

    Focus on software asset management essentials

    Software Procurement:

    • Define procurement standards for software and related warranties and support options.
    • Develop processes and workflows for purchasing and work out financial implications to inform budgeting later.

    Software Deployment and Maintenance:

    • Define policies, processes, and workflows for software receiving, deployment, and maintenance practices.
    • Develop processes and workflows for managing imaging, harvests and redeployments, service requests, and large-scale rollouts.

    Software Harvest and Retirement:

    • Manage the employee termination and software harvest cycle.
    • Develop processes, policies, and workflows for software security and retirement.

    Software Contract and Audit Management:

    • Develop processes for data collection and validation to prepare for an audit.
    • Define metrics and reporting processes to keep asset management processes on track.
    A diagram that looks like a tier circle with 'Implement SAM' at the center. The second ring has 'Request & Procure', 'Receive & Deploy', 'Manage & Maintain', and 'Harvest & Retire'. The third ring seems to be a cycle beginning with 'Plan', 'Request', 'Procure', 'Deploy', 'Manage', 'Retire', and back to 'Plan'.

    Asset management is a key piece of Info-Tech’s COBIT-based IT Management and Governance Framework

    The Info-Tech / COBIT5 IT Management & Governance Framework, a number of IT process icons arranged like a periodic table. A magnifying glass highlights process 'BAI09 Asset Management' in the 'Infrastructure & Operations' category.

    Follow Info-Tech's methodology to build a plan to implement software asset management

    Phase 1
    Assess & Plan
    Phase 2
    Procure, Receive & Deploy
    Phase 3
    Manage, Redeploy & Retire
    Phase 4
    Build supporting processes

    1.1

    Assess current state

    2.1

    Request & procure

    3.1

    Manage & maintain contracts

    4.1

    Compliance & audits

    1.2

    Build team and define metrics

    2.2

    Receive & deploy

    3.2

    Harvest or retire

    4.2

    Communicate & build roadmap

    1.3

    Plan & budget
    Deliverables
    Standard Operating Procedures (SOP)
    SAM maturity assessment Process workflows Process workflows Audit response templates
    RACI chart Software standards Patch management policy Communication plan & FAQ template
    SAM metrics SAM policies
    SAM budget workbook

    Thanks to SAM, Visa saved $200 million in three years

    Logo for VISA.

    Case Study

    Industry: Financial Services
    Source: International Business Software Managers Association

    Visa, Inc.

    Visa, Inc. is the largest payment processing company in the world, with a network that can handle over 40,000 transactions every minute.

    Software Asset Management Program

    In 2006, Visa launched a formal IT asset management program, but it was not until 2011 that it initiated a focus on SAM. Joe Birdsong, the SAM director, first addressed four major enterprise license agreements (ELAs) and compliance issues. The SAM team implemented a few dedicated SAM tools in conjunction with an aggressive approach to training.

    Results

    The proactive approach taken by Visa used a three-pronged strategy: people, process, and tools. The process included ELA negotiations, audit responses, and software license rationalization exercises.

    According to Birdsong, “In the past three years, SAM has been credited with saving Visa over $200 million.”

    An timeline arrow with benchmarks, in order: 'Tool purchases', 'ELA negotiations', 'License rationalization', 'Audit responses', '$200 million in savings in just three years thanks to optimized SAM processes'.

    Info-Tech delivers: Use our tools and templates to accelerate your project to completion

    Thumbnail of Info-Tech's 'SAM Standard Operating Procedures (SOP)'.
    SAM Standard Operating Procedures (SOP)
    Thumbnail of Info-Tech's 'SAM Maturity Assessment'.
    SAM Maturity Assessment
    Thumbnail of Info-Tech's 'SAM Visio Process Workflows'.
    SAM Visio Process Workflows
    Thumbnail of Info-Tech's 'SAM Budget Workbook'.
    SAM Budget Workbook
    Thumbnail of Info-Tech's 'Additional SAM Policy Templates'.
    Additional SAM Policy Templates
    Thumbnail of Info-Tech's 'Software Asset Management Policy'.
    Software Asset Management Policy
    Thumbnail of Info-Tech's 'SAM Communication Plan'.
    SAM Communication Plan
    Thumbnail of Info-Tech's 'SAM FAQ Template'.
    SAM FAQ Template

    Use these insights to help guide your understanding of the project

    • SAM provides value to other processes in IT.
      Data, reports, and savings gained through SAM will enable data-driven decision making for all areas of the business.
    • Don’t just track licenses; manage them to create value from data.
      Gathering and monitoring license data is just the beginning. What you do with that data is the real test.
    • SAM isn’t about managing costs; it’s about understanding your environment to make better decisions.
      Capital tied up in software can impact the progress of other projects.
    • Managing licenses can impact the entire organization.
      Gain project buy-in from stakeholders by articulating the impact that managing licenses can have on other projects and the prevalence of shadow IT.

    Measure the value of a guided implementation (GI)

    Engaging in GIs doesn’t just offer valuable project advice, it also results in significant cost savings.

    GI Measured Value (Assuming 260 workdays in a year)
    Phase 1: Assess & Plan
    • Time, value, and resources saved by using Info-Tech’s methodology to assess current state and create a defined SAM team with actionable metrics
    • For example, 2 FTEs * 5 days * $80,000/year = $6,400
    Phase 2: Procure, Receive & Deploy
    • Time, value, and resources saved by using Info-Tech’s methodology to streamline request, procurement, receiving, and deployment processes for software assets.
    • For example, 2 FTEs * 5 days * $80,000/year = $6,400
    Phase 3: Manage, Redeploy & Retire
    • Time, value, and resources saved by using Info-Tech’s methodology to streamline the maintenance, inventory, license redeployment, and software retiring processes.
    • For example, 2 FTEs * 5 days * $80,000/year = $6,400
    Phase 4: Build Supporting Processes and Tools
    • Time, resources, and potential audit fines saved by using Info-Tech’s methodology to improve audit defense processes ($298,325 average audit penalty (Based on the results of Cherwell Software’s 2013 Software Audit Industry Report)) and design a communication and implementation plan.
    • For example, 2 FTEs * 5days * $80,000/year = $6,400 + $298,325 = $304,725
    Total savings $330,325

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks used throughout all four options

    Implement Software Asset Management – project overview

    Phase 1: Assess & plan Phase 2: Procure, receive & deploy Phase 3: Manage, redeploy & retire Phase 4: Build supporting processes
    Supporting Tool icon Best-Practice Toolkit

    Step 1.1: Assess current state

    Step 1.2: Build team and define metrics

    Step 1.3: Plan and budget

    Step 2.1: Request and procure

    Step 2.2: Receive and deploy

    Step 3.1: Manage and maintain contracts

    Step 3.2: Harvest, redeploy, or retire

    Step 4.1: Compliance and audits

    Step 4.2: Communicate and build roadmap

    Guided Implementations
    • Assess current state and challenges.
    • Define roles and responsibilities as well as metrics.
    • Discuss SAM budgeting.
    • Define software standards and procurement process.
    • Build processes for receiving software and deploying software.
    • Define process for conducting software inventory and maintenance and patches.
    • Build software harvest and redeployment processes and retirement.
    • Define process for internal and external audits.
    • Develop communication and implementation plan.
    Associated Activity icon Onsite Workshop Module 1:
    Assess & Plan
    Module 2:
    Map Core Processes: Procure, Receive & Deploy
    Module 3:
    Map Core Processes: Manage, Redeploy & Retire
    Module 4:
    Prepare for audit, build roadmap and communications

    Workshop Overview

    Contact your account representative or email Workshops@InfoTech.com for more information.

    Workshop Day 1 Workshop Day 2 Workshop Day 3 Workshop Day 4
    Activities
    Assess & Plan

    1.1 Outline SAM challenges and objectives

    1.2 Assess current state

    1.3 Identify roles and responsibilities for SAM team

    1.4 Identify metrics and reports

    1.5 Identify SAM functions to centralize vs. decentralize

    1.6 Plan SAM budget process

    Map Core Processes: Procure, Receive & Deploy

    2.1 Determine software standards

    2.2 Define procurement process for new contracts

    2.3 Define process for contract renewals and additional procurement scenarios

    2.4 Design process for receiving software

    2.5 Design deployment workflow

    2.6 Define process for non-standard software requests

    Map Core Processes: Manage, Redeploy & Retire

    3.1 Define process for conducting software inventory

    3.2 Define policies for software maintenance and patches

    3.3 Map software license harvest and reallocation process

    3.4 Define policy for retiring software

    Build Supporting Processes

    4.1 Define and document the internal audit process

    4.2 Define and document the external audit process

    4.3 Develop a communication plan

    4.4 Prepare an FAQ list

    4.5 Identify SAM policies

    4.6 Develop a SAM roadmap to plan your implementation

    Deliverables
    • SAM maturity assessment
    • RACI chart
    • Defined metrics and reports
    • Budget workbook
    • Process workflows
    • Software standards
    • Process workflows
    • Patch management policy
    • Standard operating procedures
    • Audit response templates
    • Communication plan
    • FAQ template
    • Additional policy templates
    • Roadmap of initiatives

    Use these icons to help direct you as you navigate this research

    Use these icons to help guide you through each step of the blueprint and direct you to content related to the recommended activities.

    A small monochrome icon of a wrench and screwdriver creating an X.

    This icon denotes a slide where a supporting Info-Tech tool or template will help you perform the activity or step associated with the slide. Refer to the supporting tool or template to get the best results and proceed to the next step of the project.

    A small monochrome icon depicting a person in front of a blank slide.

    This icon denotes a slide with an associated activity. The activity can be performed either as part of your project or with the support of Info-Tech team members, who will come onsite to facilitate a workshop for your organization.

    Phase 1: Assess Current State

    VISA fought fire with fire to combat costly software audits

    Logo for VISA.

    Case Study

    Industry: Financial Services
    Source: SAM Summit 2014

    Challenge

    Visa implemented an IT asset management program in 2006. After years of software audit teams from large firms visiting and leaving expensive software compliance bills, the world’s leading payment processing company decided it was time for a change.

    Upper management recognized that it needed to combat audits. It had the infrastructure in place and the budget to purchase SAM tools that could run discovery and tracking functions, but it was lacking the people and processes necessary for a mature SAM program.

    Solution

    Visa decided to fight fire with fire. It initially contracted the same third-party audit teams to help build out its SAM processes. Eventually, Visa formed a new SAM team that was led by a group of former auditors.

    The former auditors recognized that their role was not technology based, so a group of technical individuals were hired to help roll out various SAM tools.

    The team rolled out tools like BDNA Discover and Normalize, Flexera FlexNet Manager, and Microsoft SCCM.

    Results

    To establish an effective SAM team, diverse talent is key. Visa focused on employees that were consultative but also technical. Their team needed to build relationships with teams within the organization and externally with vendors.

    Most importantly, the leaders of the team needed to think like auditors to better prepare for audits. According to Joe Birdsong, SAM Director at Visa, “we want to be viewed as a team that can go in and help right-size their environment and better understand licensing to help teams make better decisions.”

    The SAM team was only the beginning.

    Step 1.1 Assess current state and plan scope

    Phase 1:
    Assess & Plan
    This step will walk you through the following activities:This step involves the following participants:

    1.1

    Assess current state
    • 1.1.1 Outline the organization’s SAM challenges
    • 1.1.2 Identify objectives of SAM program
    • 1.1.3 Determine the maturity of your SAM program
    • Project Sponsor
    • IT Director, CIO
    • IT Managers and SAM Manager

    1.2

    Build team and define metrics

    1.3

    Plan & budget

    Step Outcomes

    • An outline of the challenges related to SAM
    • A clear direction for the program based on drivers, anticipated benefits, and goals
    • A completed maturity assessment of current SAM processes

    Sketch out challenges related to software asset management to shape the direction of the project

    Common SAM challenges

    • Audits are disruptive, time-consuming, and costly
    • No audit strategy and response in place
    • Software non-compliance risk is too high
    • Lacking data to forecast software needs
    • No central repository of software licenses
    • Untracked or unused software licenses results in wasted spend
    • Software license and maintenance costs account for a large percentage of the budget
    • Lacking data to know what software is purchased and deployed across the organization
    • Lack of software standards make it difficult to collect consistent information about software products
    • New software licenses are purchased when existing licenses remain on the shelf or multiple similar software products are purchased
    • Employees or departments make ad hoc purchases, resulting in overspending and reduced purchasing power
    • License renewal dates come up unexpectedly without time for adequate decision making
    • No communication between departments to coordinate software purchasing
    • Difficult to stay up to date with software licensing rule changes to remain in compliance
    • Processes and policies are unstandardized and undocumented

    Outline the organization’s SAM challenges

    Associated Activity icon 1.1.1 Brainstorm SAM challenges

    Participants: CIO/CFO, IT Director, Asset Manager, Purchasing, Service Desk Manager, Security (optional), Operations (optional)

    1. Distribute sticky notes to participants. Have everyone start by identifying challenges they face as a result of poor software asset management.
    2. As group, discuss and outline the software asset management challenges facing the organization. These may be challenges caused by poor SAM processes or simply by a lack of process. Group the challenges into key pain points to inform the current state discussion and assessment to follow.

    To be effective with software asset management, understand the drivers and potential impact to the organization

    Drivers of effective SAM Results of effective SAM
    Contracts and vendor licensing programs are complex and challenging to administer without data related to assets and their environment. Improved access to accurate data on contracts, licensing, warranties, installed software for new contracts, renewals, and audit requests.
    Increased need to meet compliance requires a formal approach to tracking and managing assets. Encryption, software application controls, and change notifications all contribute to better asset controls and data security.
    Cost cutting is on the agenda, and management is looking to reduce overall IT spend in the organization in any possible way. Reduction of software spend through data for better forecasting, planning, and licensing rationalization and harvesting.
    Audits are time consuming, disruptive to project timelines and productivity, and costly. Respond to audits with a formalized process, accurate data, and minimal disruption using always-available reporting.

    Determine goals to focus the direction of your SAM program

    Associated Activity icon 1.1.2 Identify objectives of the SAM program

    Participants: CIO/CFO, IT Director, Asset Manager, Service Manager (optional)

    Document: Document in the Standard Operating Procedures.

    1. Identify the drivers behind the software asset management implementation or improvement project. List on a whiteboard or flip chart.
    2. Using the project drivers as input, brainstorm the goals of the SAM project. Discuss the goals as a group and finalize into a list of objectives for the SAM program.
    3. Record the objectives in the SOP and keep them in mind as you work through the rest of the project.

    Sample Objectives:

    1. A single data repository to efficiently manage assets for their entire lifecycle.
    2. Formalizing a methodology for documenting assets to make data retrieval easy and accurate.
    3. Defining and documenting processes to determine where improvements can be made.
    4. Improving customer experience in accessing, using, and maintaining assets.
    5. Centralizing contract information.
    6. Providing access to information for all technical teams as needed.

    Implementing SAM processes will support other IT functions

    By improving how you manage your licenses and audit requests, you will not only provide benefits through a mature SAM program, you will also improve your service desk and disaster recovery functions.

    Service Desk Disaster Recovery
    • Effective service desk tickets require a certain degree of technical detail for completion that a SAM program often provides.
    • Many tools are available that can handle both ITSM and ITAM functions. Your SAM data can be integrated into many of your service desk functions.
    • For example, if a particular application is causing a high number of tickets, SAM data could show the application’s license is almost expired and its usage has decreased due to end-user frustrations. The SAM team could review the application and decide to purchase software that better meets end-user needs.
    • If you don’t know what you have, you don’t know what needs to be back online first.
    • The ability to restore system functionality is heavily dependent on the ability to locate or reproduce master media documentation and system configuration information.
    • If systems/software are permanently lost, the ability to recover software licensing information is crucial to preserving compliance.
    • License agreement and software are needed to demonstrate software ownership. Unless the proof of ownership is present, there is no proof of compliance.
    Short description of Info-Tech blueprint 'Standardize the Service Desk'. Short description of Info-Tech blueprint 'Create a Right-Sized Disaster Recovery Plan'.

    Each level of SAM maturity comes with its own unique challenges

    Maturity People & Policies Processes Technology
    Chaos
    • No dedicated staff
    • No policies published
    • Procedures not documented or standardized
    • Licenses purchased randomly
    • Help desk images machines, but users can buy and install software
    • Minimal tracking tools in place
    Reactive
    • Semi-focused SAM manager
    • No policies published
    • Reliance on suppliers to provide reports for software purchases
    • Buy licenses as needed
    • Software installations limited to help desk
    • Discovery tools and spreadsheets used to manage software
    Controlled
    • Full-time SAM manager
    • End-user policies published and requiring sign-off
    • License reviews with maintenance and support renewals
    • SAM manager involved in budgeting and planning sessions
    • Discovery and inventory tools used to manage software
    • Compliance reports run as needed
    Proactive
    • Extended SAM team, including help desk and purchasing
    • Corporate anti-piracy statement in place and enforced
    • Quarterly license reviews
    • Centralized view into software licenses
    • Software requests through service catalog with defined standard and non-standard software
    • Product usage reports and alerts in place to harvest and reuse licenses
    • Compliance and usage reports used to negotiate software contracts
    Optimized
    • SAM manager trained and certified
    • Working with HR, Legal, Finance, and IT to enforce policies
    • Full support and maintenance analysis for all license reviews
    • Quarterly meetings with SAM team to review policies, procedures, upcoming contracts, and rollouts
    • Software deployed automatically through service catalog/apps store
    • Detailed savings reports provided to executive team annually
    • Automated policy enforcement and process workflows

    Determine the maturity of your SAM program

    Supporting Tool icon 1.1.3 Use the SAM Maturity Assessment Tool
    1. Download the SAM Maturity Assessment Tool and go to tab 2.
    2. Complete the self-assessment in all seven categories:
      1. Control Environment
      2. Roles & Responsibilities
      3. Policies & Procedures
      4. Competence
      5. Planning & Implementation Process
      6. Monitoring & Review
      7. Inventory Processes
    3. Go to tab 3 and examine the graphs produced. Identify the areas in your SAM program that require the most attention and which are already relatively mature.
    4. Use the results of this maturity assessment to focus the efforts of the project moving forward. Return to the assessment after a pre-determined time (e.g. one year later) to track improvement in maturity over time.
    Screenshot of the results page from the SAM Maturity Assessment Tool. Screenshot of the processes page from the SAM Maturity Assessment Tool.

    Step 1.2 Build team and define metrics

    Phase 1:
    Assess & Plan
    This step will walk you through the following activities:This step involves the following participants:

    1.1

    Assess current state
    • 1.2.1 Identify roles and responsibilities for SAM team
    • 1.2.2 Identify metrics and KPIs to track the success of your SAM program
    • 1.2.3 Define SAM reports to track metrics
    • CIO/CFO
    • IT Director
    • SAM Manager
    • SAM Team
    • Service Desk Manager

    1.2

    Build team and define metrics

    1.3

    Plan & budget

    Step Outcomes

    • A description of the roles and responsibilities of IT staff involved in SAM
    • A list of metrics and reports to track to measure the success of the software asset management program

    Define roles and responsibilities for the SAM program

    Roles and responsibilities should be adapted to fit specific organizational requirements based on its size, structure, and distribution and the scope of the program. Not all roles are necessary and in small organizations, one or two people may fulfill multiple roles.

    Senior Management Sponsor – Ensures visibility and support for the program.

    IT Asset Manager – Responsible for management of all assets and maintaining asset database.

    Software Asset Manager – Responsible for management of all software assets (a subset of the overall responsibility of the IT Asset Manager).

    SAM Process Owner – Responsible for overall effectiveness and efficiency of SAM processes.

    Asset Analyst – Maintains up-to-date records of all IT assets, including software version control.

    Additional roles that interact with SAM:

    • Security Manager
    • Auditors
    • Procurement Manager
    • Legal Council
    • Change Manager
    • Configuration Manager
    • Release and Deployment Manager
    • Service Desk Manager

    Form a software asset management team to drive project success

    Many organizations simply do not have a large enough staff to hire a full-time software asset manager. The role will need to be championed by an internal employee.

    Avoid filling this position with a temporary contract; one of the most difficult operational factors in SAM implementation and continuity is constant turnover and organizational shifts. Hiring a software asset manager on contract might get the project going faster, but without the knowledge gained by doing the processes, the program won’t have enough momentum to sustain itself.

    Software Asset Manager Duties

    • Gather proof of license.
    • Record and track all assets within the SAM repository.
    • Produce compliance reports.
    • Preparation of budget requests.
    • Administration of software renewal process.
    • Contract and support analysis.
    • Document procedures.
    • Ensure project is on track.

    SAM Team Member Duties

    • Record license and contract data in SAM tool.
    • Assist in production of SAM reports.
    • Data analysis.
    • Match tickets to SAM data.
    • Assist in documentation.
    • Assist in compliance reports.
    • Gather feedback from end users.

    Info-Tech Best Practice

    Make sure your SAM team is diverse. The SAM team will need to be skilled at achieving compliance, but there is also a need for technically skilled individuals to maximize the function of the SAM tool(s) at your organization.

    Identify roles and responsibilities for SAM

    Associated Activity icon 1.2.1 Complete a RACI chart for your organization

    Participants: CIO/CFO, IT Director, SAM Manager, SAM Team, Service Desk Manager

    Document: Document in the Standard Operating Procedures.

    Determine the roles and responsibilities for your SAM program. Record the results in a RACI (responsible, accountable, consulted, informed) chart such as the example below.

    SAM Processes and Tasks CIO CFO SAM Manager IT Director Service Management Team IT Ops Security Finance Legal Project Manager
    Policies/Governance A C R R I I C I R I
    Strategy A C R R I I I I C
    Risk Management/Asset Security A C R R C R C C C
    Data Entry/Quality I I A R R
    Compliance Auditing R C A R I I I I
    Education & Training R I A C I I
    Contract Lifecycle Management R R A R C C C C R C
    Workflows R C A R I I I R I C/I
    Budgeting R R R A C R
    Software Acquisition R I A R I C R C C
    Controls/Reporting R I A R I I C I
    Optimize License Harvesting I I A R I C C

    Identify metrics to form the framework of the project

    Trying to achieve goals without metrics is like trying to cook without measuring your ingredients. You might succeed, but you’ll have no idea how to replicate it.

    SAM metrics should measure one of five categories:

    • Quantity → How many do we have? How many do we want?
    • Compliance → What is the level of compliance in a specific area?
    • Duration → How long does it take to achieve the desired result?
    • Financial → What is the cost/value? What is our comparative spend?
    • Quality → How good was the end result? E.g. Completeness, accuracy, timeliness

    The metrics you track depend on your maturity level. As your organization shifts in maturity, the metrics you prioritize for tracking will shift to reflect that change. Example:

    Metric category Low maturity metric High maturity metric
    Compliance % of software installed that is unauthorized % of vendors in effective licensing position (ELP) report
    Quantity % of licenses documented in ITAM tool % of requests made through unauthorized channels

    Associate KPIs and metrics with SAM goals

    • Identify the critical success factors (CSFs) for your software asset management program based on strategic goals.
    • For each success factor, identify the key performance indicators (KPIs) to measure success, as well as specific metrics that will be tracked and reported on.
    • Sample metrics are below:

    CSF = Goal, or what success looks like

    KPI = How achievement of goal will be defined

    Metric = Numerical measure to determine if KPI has been achieved

    CSF/Goal KPI Metrics
    Improve accuracy of software budget and forecasting
    • Reduce software spend by 5%
    • Total software asset spending
    • Budgeted software spend vs. actual software spend
    Avoid over purchasing software licenses and optimize use of existing licenses
    • Reduce number of unused and underused licenses by 10%
    • Number of unused licenses
    • Money saved from harvesting licenses instead of purchasing new ones
    Improve accuracy of data
    • Data in SAM tool matches what is deployed with 95% accuracy
    • Percentage of entitlements recorded in SAM tool
    • Percentage of software titles recognized by SAM tool
    Improved service delivery
    • Reduce time to deploy new software by 10%
    • Mean time to purchase new software
    • Mean time to fulfill new software requests

    Identify metrics and KPIs to track the success of your SAM program

    Associated Activity icon 1.2.2 Brainstorm metrics and KPIs

    Participants: CIO, IT Director, SAM Manager, SAM Team

    Document: Document in the Standard Operating Procedures.

    1. Discuss the goals and objectives of implementing or improving software asset management, based on challenges identified earlier.
    2. From the goals, identify the critical success factors for the SAM program.
    3. For each CSF, identify one to three key performance indicators (KPIs) to evaluate achievement of the success factor.
    4. For each KPI, identify one to three metrics that can be tracked and reported on to measure success. Ensure that the metrics are tangible and measurable.

    Use the table below as an example.

    Goal/CSF KPI Metric
    Improve license visibility Increase accuracy and completeness of SAM data
    • % of total titles included in ITAM tool
    • % of licenses documented in ITAM tool
    Reduce software costs Reduce number of unused software licenses by 20%
    • % of licenses assigned to ex-employees
    • % of deployed licenses that have not been used in the past six months
    Reduce shadow IT Reduce number of unauthorized software purchases and installations by 10%
    • % of software requests made through unauthorized channels
    • % of software installed that is unauthorized

    Tailor metrics and reports to specific stakeholders

    Asset Managers

    Asset managers require data to manage how licenses are distributed throughout the organization. Are there multiple versions of the same application deployed? What proportion of licenses deployed are assigned to employees who are no longer at the organization? What are the usage patterns for applications?

    Service Desk Technicians

    Service desk technicians need real-time data on licenses currently available to deploy to machines that need to be imaged/updated, otherwise there is a risk of breaching a vendor agreement.

    Business Managers and Executives

    Business managers and executives need reports to make strategic decisions. The reports created for business stakeholders need to help them align business projects or business processes with SAM metrics. To determine which reports will provide the most value, start by looking at business goals and determining the tactical data that will help inform and support these goals and their progress.

    Additional reporting guidelines:

    • Dashboards should provide quick-glance information for daily maintenance.
    • Alerts should be set for all contract renewals to provide enough advanced notice (e.g. 90 days).
    • Reports should be automated to provide actionable information to appropriate stakeholders as needed.

    Define SAM reports to track metrics

    Associated Activity icon 1.2.3 Identify reports and metrics to track regularly

    Participants: CIO, IT Director, SAM Manager, SAM Team

    Document: Document in the Standard Operating Procedures.

    1. Identify key stakeholders requiring SAM reports. For each audience, identify their goals and requirements from reporting.
    2. Using the list of metrics identified previously, sort metrics into reports for each audience based on their requirements and goals. Add any additional metrics required.
    3. Identify a reporting frequency for each report.

    Example:

    Stakeholder Purpose Report Frequency
    Asset Manager
    • Manage budget
    • Manage contracts and cash flow
    • Ensure processes are being followed
    Operational budget spent to date Monthly
    Capital budget spent to date Monthly
    Contracts coming due for renewal Quarterly
    Software harvested for redeployment Quarterly
    Number of single applications being managed Annually
    CFO
    • Manage budget
    • Manage cash flow
    Software purchased, operational & capital Monthly
    Software accrued for future purchases Monthly
    Contracts coming due for renewal
    • Include dollar value, savings/spend
    Quarterly
    CIO
    • Resource planning
    • Progress reporting
    Software deployments and redeployments Monthly
    Software rollouts planned Quarterly
    % of applications patched Quarterly
    Money saved Annually
    Number of contracts & apps managed Quarterly

    Step 1.3 Plan the SAM program and budget

    Phase 1:
    Assess & Plan
    This step will walk you through the following activities:This step involves the following participants:

    1.1

    Assess current state
    • 1.3.1 Identify SAM functions to centralize vs. decentralize
    • 1.3.2 Complete the SAM budget tool
    • Project Sponsor
    • IT Director, CIO
    • IT Managers and SAM Manager
    • CFO

    1.2

    Build team and define metrics

    1.3

    Plan & budget

    Step Outcomes

    • Defined scope for the SAM program in terms of the degree of centralization of core functions and contracts
    • A clearer picture of software spend through the use of a SAM budgeting tool.

    Asset managers need to be involved in infrastructure projects at the decision-making stage

    Ensure that your software asset manager is at the table when making key IT decisions.

    Many infrastructure managers and business managers are unaware of how software licensing can impact projects. For example, changes in core infrastructure configuration can have big impacts from a software licensing perspective.

    Mini Case Study

    • When a large healthcare organization’s core infrastructure team decided to make changes to their environment, they failed to involve their asset manager in the decision-making process.
    • When the healthcare organization decided to make changes to their servers, they were running Oracle software on their servers, but the licenses were not being tracked.
    • When the change was being made to the servers, the business contacted Oracle to notify them of the change. What began as a tech services call quickly devolved into a licensing error; the vendor determined that the licenses deployed in the server environment were unauthorized.
    • For breaching the licensing agreement, Oracle fined the healthcare organization $250,000.
    • Had the asset manager been involved in the process, they would have understood the implications that altering the hardware configuration would have on the licensing agreement and a very expensive mistake could have been avoided.

    Decide on the degree of centralization for core SAM functions

    • Larger organizations with multiple divisions or business units will need to decide which SAM functions will be centralized and which, if any, will be decentralized as they plan the scope of their SAM program. Generally, certain core functions should be centralized for the SAM program to deliver the greatest benefits.
    • The degree of centralization may also be broken down by contract, with some contracts centralized and some decentralized.
    • A centralized SAM database gives needed visibility into software assets and licenses across the organization, but operation of the database may also be done locally.

    Centralization

    • Allows for more strategic planning
    • Visibility into software licenses across the organization promotes rationalization and cost savings
    • Ensure common products are used
    • More strategic sourcing of vendors and resellers
    • Centrally negotiate pricing for better deals
    • Easier to manage risk and prepare for audits
    • Greater coordination of resources

    Decentralization

    • May allow for more innovation
    • May be easier to demonstrate local compliance if the organization is geographically decentralized
    • May be easier to procure software if offices are in different countries
    • Deployment and installation of software on user devices may be easier

    Identify SAM functions to centralize vs. decentralize

    Associated Activity icon 1.3.1 Identify functions for centralization

    Participants: CIO, IT Director, SAM Manager, SAM Team

    Document: Document in the Standard Operating Procedures.

    1. If applicable, identify SAM functions that will need to be centralized and evaluate the implications of centralization to ensure it is feasible.
    2. If applicable, identify SAM functions that will be decentralized, if resources are available to manage those functions locally.

    Example:

    Centralized Functions
    • Operation of SAM database
    • SAM budget
    • Vendor selection
    • Contract negotiation and purchasing
    • Data analysis
    • Software receiving and inventory
    • Audits and risk management
    Decentralized functions
    • Procurement
    • Deployment and installation

    Software comprises the largest part of the infrastructure and operations budget

    After employee salaries (38%), the four next largest spend buckets have historically been infrastructure related. Adding salaries and external services, the average annual infrastructure and operations spend is over 50% of all IT spend.

    The largest portion of that spend is on software license and maintenance. As of 2016, software accounted for the roughly the same budget total as voice communications, data communications, and hardware combined. Managing software contracts is a crucial part of any mature budgeting process.

    Graph showing the percentage of all IT spend used for 'Ongoing software license and maintenance' annually. In 2010 it was 17%; in 2018 it was 21%. Graph showing the percentage of all IT spend used for 'Hardware maintenance / upgrades' annually. In 2010 it was 7%; in 2018 it was 8%. Graph showing the percentage of all IT spend used for 'Data communications' annually. In 2010 it was 7%; in 2018 it was 7%. Graph showing the percentage of all IT spend used for 'Voice communications' annually. In 2010 it was 5%; in 2018 it was 7%.

    Gain control of the budget to increase the success of SAM

    A sophisticated software asset management program will be able to uncover hidden costs, identify opportunities for rationalization, save money through reharvesting unused licenses, and improve forecasting of software usage to help control IT spending.

    While some asset managers may not have experience managing budgets, there are several advantages to the ITAM function owning the budget:

    • Be more involved in negotiating pricing with vendors.
    • Build better relationships with stakeholders across the business.
    • Gain greater purchasing power and have a greater influence on purchasing decisions.
    • Forecast software requirements more accurately.
    • Inform benchmarks and metrics with more data.
    • Directly impact the reduction in IT spend.
    • Manage the asset database more easily and have a greater understanding of software needs.
    • Identify opportunities for cost savings through rationalization.

    Examine your budget from a SAM perspective to optimize software spend

    How does examining your budget from a SAM perspective benefit the business?

    • It provides a chance to examine vendor contracts as they break down contracts by projects and services, which gives a clearer picture of where software fits into the budget.
    • It also gives organizations a chance to review vendor agreements and identify any redundancies present in software supporting services.

    Review the budget:

    • When reviewing your budget, implement a contingency fund to mitigate risk from a possible breach of compliance.
    • If your organization incurs compliance issues that relate to specific services, these fines may be relayed back to the departments that own those services, affecting how much money each department has.
    • The more sure you are of your compliance position, the less likely you are to need a contingency fund, and vice versa.

    Info-Tech Best Practice

    Finance needs to be involved. Their questions may cover:

    • Where are the monthly expenditures? Where are our financial obligations? Do we have different spending amounts based on what time of year it is?

    Use the SAM Budget Workbook to uncover insights about your software spend

    Supporting Tool icon 1.3.2 Complete the SAM budget tool

    The SAM Budget Workbook is designed to assist in developing and justifying the budget for software assets for the upcoming year.

    Instructions

    1. Work through tabs 2-6, following the instructions as you go.
    2. Tab 2 involves selecting software vendors and services provided by software.
    3. Tab 3 involves classifying services by vendor and assigning a cost to them. Tab 3 also allows you to classify the contract status.
    4. Tab 4 is a cost variance tracking sheet for software contracts.
    5. Tabs 5 and 6 are monthly budget sheets that break down software costs by vendor and service, respectively.
    6. Tab 7 provides graphs to analyze the data generated by the tool.
    7. Use the results found on tab 7 to analyze your budget: are you spending too much with one service? Is there vendor overlap based on what project or service that software is reporting?
    Screenshots of the 'Budget of Services Supported by Software Vendors' and 'Software Expense cashflow reports by Vendor' pages from the SAM Budget Workbook. Screenshot of the 'Analysis of Data' page from the SAM Budget Workbook.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    Photo of an Info-Tech analyst.
    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    1.1.3

    Sample of activity 1.1.3 'Determine the maturity of your SAM program'. Determine the maturity of your SAM program

    Using the SAM Maturity Assessment Tool, fill out a series of questions in a survey to assess the maturity of your current SAM program. The survey assesses seven categories that will allow you to align your strategy to your results.

    1.2.3

    Sample of activity 1.2.3 'Define SAM reports to track metrics'. Define SAM reports to track metrics

    Identify key stakeholders with reporting needs, metrics to track to fulfill reporting requirements, and a frequency for producing reports.

    Phase 1 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 1: Assess and Plan

    Proposed Time to Completion (in weeks): 4
    Step 1.1: Assess current state Step 1.2: Build team and define metrics Step 1.3: Plan and budget
    Start with an analyst kick-off call:
    • Outline SAM challenges
    • Overview of the project
    • Assess current maturity level
    Review findings with analyst:
    • Define roles and responsibilities of SAM staff
    • Identify metrics and reports to track
    Review findings with analyst:
    • Plan centralization of SAM program
    • Discuss SAM budgeting
    Then complete these activities…
    • Identify challenges
    • Identify objectives of SAM program
    • Assess maturity of current state
    Then complete these activities…
    • Define roles and responsibilities
    • Identify metrics and KPIs
    • Plan reporting
    Then complete these activities…
    • Identify SAM functions to centralize
    • Complete the SAM budgeting tool
    With these tools & templates:
    • SAM Maturity Assessment
    • Standard Operating Procedures
    With these tools & templates:
    • Standard Operating Procedures
    With these tools & templates:
    • SAM Budget Workbook

    Phase 2: Procure, Receive, and Deploy

    VISA used high-quality SAM data to optimize its software licensing

    Logo for VISA.

    Case Study

    Industry: Financial Services
    Source: SAM Summit 2014

    Challenge

    Visa formed a SAM team in 2011 to combat costly software audits.

    The team’s first task was to use the available SAM data and reconcile licenses deployed throughout the organization.

    Organizations as large as Visa constantly run into issues where they are grossly over or under licensed, causing huge financial risk.

    Solution

    Data collection and analysis were used as part of the license rationalization process. Using a variety of tools combined with a strong team allowed Visa to perform the necessary steps to gather license data and analyze usage.

    One of the key exercises was uniting procurement and deployment data and the teams responsible for each.

    End-to-end visibility allowed the data to be uniform. As a result, better decisions about license rationalization can be made.

    Results

    By improving its measurement of SAM data, Visa was able to dedicate more time to analyze and reconcile its licenses. This led to improved license management and negotiations that reflected actual usage.

    By improving license usage through rationalization, Visa reduced the cost of supporting additional titles.

    The SAM team also performed license reclamation to harvest and redistribute licenses to further improve usage. The team’s final task was to optimize audit responses.

    Step 2.1 Request and procure software

    Phase 2:
    Procure, Receive & Deploy
    This step will walk you through the following activities:This step involves the following participants:

    2.1

    Request & Procure
    • 2.1.1 Determine which software contracts should be centralized vs. localized
    • 2.1.2 Determine your software standards
    • 2.1.3 Define procurement policy
    • 2.1.4 Identify approvals and requests for authorization thresholds
    • 2.1.5 Build software procurement workflow for new contracts
    • 2.1.6 Define process for contract renewals and additional procurement scenarios
    • IT Director, CIO
    • IT Managers and SAM Manager
    • SAM Team

    2.2

    Receive & Deploy

    Step Outcomes

    • Defined standards for software requests
    • A documented policy for software procurement including authorization thresholds
    • Documented process workflows for new contracts and contract renewals

    Procurement and SAM teams must work together to optimize purchasing

    Procurement and SAM must collaborate on software purchases to ensure software purchases meet business requirements and take into account all data on existing software and licenses to optimize the purchase and contract. Failure to work together can lead to unnecessary software purchases, overspending on purchases, and undesirable contract terms.

    SAM managers must collaborate with Procurement when purchasing software.

    SAM managers should:

    • Receive requests for software licenses
    • Ensure a duplicate license isn’t already purchased before going through with purchase
    • Ensure the correct license is purchased for the correct individuals
    • Ensure the purchasing information is tracked in the ITAM/SAM tool
    • Report on software usage to inform purchases
    Two cartoon people in work attire each holding a piece of a puzzle that fits with the other. Procurement must commit to be involved in the asset management process.

    Procurement should:

    • Review requests and ensure all necessary approvals have been received before purchasing
    • Negotiate optimal contract terms
    • Track and manage purchasing information and invoices and handle financial aspects
    • Use data from SAM team on software usage to decide on contract terms and optimize value

    Centralize procurement to decrease the likelihood of overspending

    Centralized negotiation and purchasing of software can ensure that the SAM team has visibility and control over the procurement process to help prevent overspending and uncontrolled agreements.

    Benefits of centralized procurement

    • Ability to easily manage software demand.
    • Provides capability to effectively manage your relationships with suppliers.
    • Allows for decreased contract processing times.
    • Provides easy access to data with a single consolidated system for tracking assets at an early stage.
    • Reduces number of rogue purchases by individual departments.
    • Efficiency through automation and coordinated effort to examine organization’s compliance and license position.
    • Higher degree of visibility and transparency into asset usage in the organization.

    Info-Tech Insights

    It may be necessary to procure some software locally if organizations have multiple locations, but try to centrally procure and manage the biggest contracts from vendors that are likely to audit the organization. Even with a decentralized model, ensure all teams communicate and that contracts remain visible centrally even if managed locally.

    Standards for software procurement help prevent overspending

    Software procurement is often more difficult for organizations than hardware procurement because:

    • Key departments that need to be involved in the purchasing process do not communicate or interact enough.
    • A fear of software auditing causes organizations to overspend to mitigate risk.
    • Standards are often not in place, with most purchases being made outside of the gold imaging standard.
    • A lack of discovery results in gross overspending on software licenses that are already present and underused.

    Info-Tech Insight

    One of the major challenges involved in implementing SAM is uniting multiple datasets and data sources across the enterprise. A conversation with each major business unit will help with the creation of software procurement standards that are acceptable to all.

    Determine which software contracts should be centralized vs. localized (optional)

    Associated Activity icon 2.1.1 Identify central standard enterprise offerings

    Participants: CIO, IT Director, SAM Manager, SAM Team

    Document: Document in the Standard Operating Procedures.

    1. As a group, list as many software contracts that are in place across the organization as can easily be identified, focusing on top vendors.
    2. Identify which existing software contracts are standard enterprise offerings that are procured and managed centrally and which are non-standard or localized applications.
    3. Looking at the list of non-standard software, identify if any can or should be rationalized or replaced with a standard offering.
    Standard enterprise offerings
    • Microsoft
    • IBM
    • Adobe
    • Dell
    • Cisco
    • VMware
    • Barracuda
    Localized or non-standard software

    Classify your approved software into tiers to improve workflow efficiency

    Not all titles are created equal; classifying your pre-approved and approved software titles into a tiered system will provide numerous benefits for your SAM program.

    The more prestigious the asset tier, the higher the degree of data capture, support, and maintenance required.

    • Mission-critical, high-priority applications are classified as gold standard.
    • Secondary applications or high priority are silver standard.
    • Low-usage applications or normal priority are bronze standard.

    E.g. An enterprise application that needs to be available 24/7, such as a learning management system, should be classified as a gold tier to ensure it has 24/7 support.

    Creating tiers assists stakeholders in justifying the following set of decision points:

    • Which assets will require added maintenance (e.g. software assurance for Microsoft)
    • Technical support requirements to meet business requirements
    • Lifecycle and upgrade cycle of the software assets.
    • Monitoring usage to determine whether licenses can be harvested
    • Authorizations required for purchase requests

    Determine your software standards

    Associated Activity icon 2.1.2 Identify standard software images for your organization

    Participants: Asset Manager, Purchasing, Service Desk Manager, Operations (optional)

    Document: Document in the Standard Operating Procedures.

    1. As a group, discuss and identify the relevant software asset tiers and number of tiers.
    2. For each tier, define:
      • Support requirements (hours and payments)
      • Maintenance requirements (mandatory or optional)
      • Lifecycle (when to upgrade, when to patch)
      • Financial requirements (CapEx/OpEx expenses)
      • Request authorizations (requestors and approvers)
    3. Sort the software contracts identified in the previous category into tiers, for example:
      • Mission-critical software (gold tier)
      • High-priority software (silver tier)
      • Normal-priority software (bronze tier)
    4. Use the SOP as an example.

    Determine which licensing options and methodologies fit into future IT strategy

    Not everyone is ready to embrace the cloud for all solutions; make sure to align cloud strategy to business requirements. Work closely with IT executives to determine appropriate contract terms, licensing options, and tracking processes.

    Vendors make changes to bundles and online services terms on a regular basis. Ensure you document your agreed upon terms to save your required functionality as vendor standard offerings change.

    • Any contracts getting moved to the cloud will need to undergo a contract comparison first.
    • The contract you signed last month could be completely different this month. Many cloud contracts are dynamic in nature.
    • Keep a copy of the electronic contract that you signed in a secure, accessible location.
    • Consider reaching a separate agreement with the vendor that they will ensure you maintain the results of the original agreement to prevent scope creep.

    Not all on-premises to cloud options transition linearly:

    • Features of perpetual licenses may not map to subscriptions
    • Product terms may differ from online services terms
    • Licensing may change from per device to per user
    • Vendor migrations may be more complex than anticipated

    Download the Own the Cloud: Strategy and Action Plan blueprint for more guidance

    Understand the three primary models of software usage agreements

    Licensed Open Source Shareware
    License Structure A software supplier is paid for the permission to use their software. The software is provided free of charge, but is still licensed. The software is provided free of charge, but is still licensed. Usage may be on a trial basis, with full usage granted after purchase.
    Source Code The source code is still owned by the supplier. Source code is provided, allowing users to change and share the software to suit their needs. Source code is property of the original developer/supplier.
    Technical Support Technical support is included in the price of the contract. Technical support may be provided, often in a community-based format from other developers of the open-source software in question. Support may be limited during trial of software, but upgraded once a purchase is made.

    Info-Tech Insight

    Open-source software should be managed in the same manner as commercial software to understand licensing requirements and be aware of any changes to these agreements, such as commercialization of such products, as well as any rules surrounding source code.

    Coordinate with purchasing department to define software procurement policy

    Associated Activity icon 2.1.3 Define procurement policy

    Participants: Asset Manager, Purchasing, Service Desk Manager, Operations (optional)

    Document: Document in the Standard Operating Procedures.

    Define and document policies that will apply to IT software purchases, including policies around:

    • Software purchase approvals
    • Licenses for short-term contractors
    • On-premises vs. SaaS purchases
    • Shareware and freeware fees
    • Open-source software

    Use the example below as guidance and document in the SOP.

    • Software will not be acquired through user corporate credit cards, office supply, petty cash, or personal expense budgets. Purchases made outside of the acceptable processes will not be reimbursed and will be removed from company computers.
    • Contractors who are short term and paid through vendor contracts and invoices will supply their own licenses.
    • Software may be purchased as on-premises or as-a-service solutions as IT deems appropriate for the solution.
    • Shareware and freeware authors will be paid the fee they specify for use of their products.
    • Open-source software will be managed in the same manner as commercial software to understand licensing requirements and be aware of any changes to these agreements, such as commercialization of such products.

    Identify approvals and requests for authorization thresholds

    Associated Activity icon 2.1.4 Identify financial thresholds for approvals and requests

    Participants: Asset Manager, Purchasing, CIO, CFO, IT Director

    Document: Document in the Standard Operating Procedures.

    Identify and classify financial thresholds for contracts requiring approval. For each category of contract value, identify who needs to authorize the request. Discuss and document any other approvals necessary. An example is provided below.

    Example:
    Requests for authorization will need to be directed based on the following financial thresholds:

    Contract value Authorization
    <$50,000 IT Director
    $50,000 to $250,000 CIO
    $250,000 to $500,000 CIO and CFO
    >$500,000 Legal review

    Develop a defined process for software procurement

    A poorly defined software procurement workflow can result in overspending on unnecessary software licensing throughout the year. This can impact budgeting and any potential software refreshes, as businesses will often rely on purchasing what they can afford, not what they need.

    Benefits of a defined workflow

    • Standardized understanding of the authorization processes results in reduced susceptibility to errors and quicker processing times.
    • Compliance with legal regulations.
    • Protection from compliance violations.
    • Transparency with the end user by communicating the process of software procurement to the business.

    Elements to include in procurement workflows:

    • RFP
    • Authorizations and approvals
    • Contract review
    • Internal references to numbers, cost centers, locations, POs, etc.

    Four types of procurement workflows:

    1. New contract – Purchasing brand new software
    2. Add to contract – Adding new POs or line items to an existing contract
    3. Contract renewal – Renewing an existing contract
    4. No contract required – Smaller purchases that don’t require a signed contract

    Outline the procurement process for new contracts

    The procurement workflow may involve the Service Desk, procurement team, and asset manager.

    The following elements should be accounted for:

    • Assignee
    • Requestor
    • Category
    • Type
    • Model or version
    • Requisition number
    • Purchase order number
    • Unit price
    A flowchart outlining the procurement process for new contracts. There are three levels, at the top is 'Tier 2 or Tier 3', the middle is 'IT Procurement', the bottom is 'Asset Manager'. It begins in 'Tier 2 or Tier 3' with 'Approved request received', and if it is not declined it moves on to 'Purchasing request forwarded to Procurement' on the 'IT Procurement' level. If an RFP is required, it eventually moves to 'Receives contract' on the 'Asset Manager' level and ends with 'Document license requirements, notify IT Product Owner'.

    Build software procurement workflow for new contracts

    Associated Activity icon 2.1.5 Build new contract procurement workflow

    Participants: Asset Manager, Purchasing, Service Desk Manager, Operations (optional)

    Document: Document in the Standard Operating Procedures.

    1. As a team, outline each of the tasks in the process of procuring a new software asset using cue cards, sticky notes, or a whiteboard.
    2. Use the sample procurement workflow on the previous slide as an example if needed.
    3. Ensure the following elements required for the asset procurement process have been accounted for:
      • Assignee
      • Requestor
      • Category
      • Type
      • Model or version
      • Requisition number
      • Purchase order number
      • Unit price
    4. Review the workflow and make any adjustments necessary to improve the process. Document using Visio and add to the SOP.

    Review vendor contracts to right-size licensing procurement

    Many of your applications come from the same vendor, and a view into the business services provided by each software vendor contract will prove beneficial to the business.

    • You may uncover overlaps in services provided by software across departments.
    • The same service may be purchased from different vendors simply because two departments never compared notes!
    • This leaves a lot of money on the table from a lack of volume discounts.
    A graphic depicting a Venn diagram in which the 'Software' and 'Services' circles overlap, both of which stem from a 'Vendor Contract'.
    • Be cautious about approaching license budgeting strictly from a cost perspective. SAM is designed to right-size your licenses to properly support your organization.
    • One trap organizations often fall into is bundling discounts. Vendors will offer steep discounts if clients purchase multiple titles. On the surface, this might seem like a great offer.
    • However, what often happens is that organizations will bundle titles to get a steep discount on their prize title of the group.
    • The other titles become shelfware, and when the time comes to renew the contract, the maintenance fees on the shelfware titles will often make the contract more expensive than if only the prize title was purchased.

    Additionally, information regarding what licenses are being used for certain services may yield insight into potential redundancies. For example, two separate departments may have each have a different application deployed that supports the same service. This presents an opportunity for savings based on bulk licensing agreements, not to mention a simplified support environment by reducing the number of titles deployed in your environment.

    Define a procedure for tracking and negotiating contract renewals

    Participants: IT Director/CIO, Asset Manager, Purchasing, Service Desk Manager, Operations (optional)

    Document: Document in the Standard Operating Procedures.

    Discuss and document a policy for tracking and negotiating contract renewals. Answer the following questions as guides:

    • How will renewal dates be tracked and monitored?
    • How soon should contracts be reviewed prior to renewal to determine appropriateness for use and compliance?
    • What criteria will be used to determine if the product should be renewed?
    • Who will be consulted for contract renewal decisions for major contracts?
    • How will licensing and support decisions be made?

    Optional contract review:

    1. Take a sample contract to renew. Create a list of services that are supported by the software. Look for overlaps, redundancies, shelfware, and potential bundling opportunities. Recall the issues outlined when purchasing bundled software.
    2. Create a list of action items to bring into the next round of contract negotiations with that vendor and identify a start date to begin reviewing these items.

    Define process for contract renewals and additional procurement scenarios

    Associated Activity icon 2.1.6 Build additional procurement workflows

    Participants: Asset Manager, Purchasing, Service Desk Manager, Operations (optional)

    Document: Document in the Standard Operating Procedures.

    Build procurement workflows and define policies and procedures for additional purchasing scenarios beyond new contracts.

    This may include:

    1. Contract renewals
    2. Single purchase, non-contract procurement
    3. Adding to contracts

    Use the sample workflows in the Standard Operating Procedures as a guide.

    A flowchart outlining the procurement process for 'Software Contract Renewal'.

    A flowchart outlining the procurement process for 'Software single purchase, non-contract'.

    Negotiate for value to ensure quality license agreements

    Approach negotiating from a value-first, price-second perspective.

    Contract negotiations too often come down to a question of price. While you want to avoid overpaying for licenses, a worse offense is getting a steep discount for a bundle of applications where the majority will go unused.

    Vendors will try to sell a full stack of software at a steep discount to give the illusion of value. Often organizations bite off more than they can chew. When auditors come knocking, the business may be in compliance, but being over-licensed is a dangerous state to be in. Organizations end up over-licensed and in possession of numerous “shelfware” apps that sit on the proverbial shelf collecting dust while drawing expensive maintenance and licensing fees from the business.
    • Pressure from the business is also an issue. Negotiations can be rushed in an effort to fulfill an immediate need.
    • Make sure you clearly outline the level of compliance expected from the vendor.
    • Negotiate reduced-fee software support services. Your Service Desk can already handle the bulk of requests, and investing in a mature Service Desk will provide more lasting value than paying for expensive maintenance and support services that largely go unused.

    Learn to negotiate effectively to optimize contract renewals

    Leverage Info-Tech’s research, Master Contract Review and Negotiation for Software Agreements, to review your software contracts to leverage your unique position during negotiations and find substantial cost savings.

    This blueprint includes the following tools and templates:

    • RASCI Chart
    • Vendor Communication Management Plan
    • Software Business Use Case Template
    • SaaS TCO Calculator
    • Software Terms & Conditions Evaluation Tool
    • Software Buyer’s Checklist
    • Controlled Vendor Communications Letter
    • Key Vendor Fiscal Year End Calendar
    • Contract Negotiation Tactics Playbook

    Step 2.2 Receive and deploy software

    Phase 2:
    Procure, Receive & Deploy
    This step will walk you through the following activities:This step involves the following participants:

    2.1

    Request & Procure
    • 2.2.1 Identify storage locations for software information and media
    • 2.2.2 Design the workflow for receiving software
    • 2.2.3 Design and document the deployment workflow(s)
    • 2.2.4 Create a list of pre-approved, approved, and unapproved software titles
    • 2.2.5 Document the request and deployment process for non-standard software requests
    • IT Director, CIO
    • IT Managers and SAM Manager
    • SAM Team
    • Purchasing (optional)
    • Service Desk Manager (optional)
    • Operations (optional)
    • Release & Deployment manager (optional)

    2.2

    Receive & Deploy

    Step Outcomes

    • A strategy for storing software information and media in the ITAM database and DML
    • A documented workflow for the software receiving process
    • Documented process workflows for software requests and deployment, including for large quantities of software
    • A list of pre-approved, approved, and unapproved software titles for deployment
    • A process for responding to non-standard software requests

    Verify product and information upon receipt

    Upon receipt of procured software:

    • Verify that the product is correct
    • Reconcile with purchase record to ensure the order has been completed
    • Verify that the invoice is correct
    • Update financial information such as budget and accounting records
    • Update ITAM database to show status as received
    • Record/attach license keys and software codes in ITAM database
    • Attach relevant documents to record in the ITAM database (license reports, invoices, end-user agreement, etc.)
    • Download and store any installation files, DVDs, and CDs
    • Once software has been installed, verify license is matched to discovered installed software within the ITAM database

    Info-Tech Best Practice

    While most software will be received through email and download, in some cases physical software may be received through courier or mail. Ensure processes and procedures are defined for both cases.

    Establish a secure repository for licenses and documentation

    All licenses, documentation, and digital media for authorized and supported software should be collected and stored in a central, secure location to minimize risk of theft, loss, or unauthorized installation or duplication of software.

    Where to store software data?

    The ITAM database should contain an up-to-date record of all software assets, including their associated:

    • Serial numbers
    • License keys and codes
    • Contracts and agreements

    The database allows you to view software that is installed and associated licenses.

    A definitive media library (DML) is a single logical storage area, which may consist of one or more locations in which definitive authorized versions of all software configuration items are securely stored and protected.

    The DML consists of file storage as well as physical storage of CDs and DVDs and must be continually updated to contain the latest information about each configuration item.

    The DML is used to organize content and link to automated deployment to easily install software.

    Use a definitive media library (DML) to assist in storage of software packages for deployment

    The DML will usually contain the most up-to-date versions to minimize errors created by having unauthorized, old, or problematic software releases being deployed into the live IT environment. The DML can be used for both full-packed product (FPP) software and in-house developed software, providing formalized data around releases of in-house software.

    The DML should consist of two main storage areas:

    1. Secure file storage
    2. Secure physical storage for any master CD/DVDs

    Additional Recommendations:

    • The process of building, testing, adapting, and final pre-production testing should provide your IT department with a solid final deployment package, but the archive will enable you to quickly pull in a previous version if necessary.
    • When upgrading software packages to include new patches or configurations, use the DML to ensure you're referencing a problem-free version.
    • Include the DML in your disaster recovery plan (DRP) and include testing of the DML as part of your DRP testing. If you need to rebuild servers from these files, offsite, you'll want to know your backup DML is sound.

    Ensure you have a strategy to create and update your DML

    Your DML should have a way to separate archived, new, and current software to allow for optimal organization of files and code, to ensure the correct software is installed, and to prepare for automated deployment through the service catalog.

    New software hasn’t been tested yet. Make it available for testing, but not widely available.

    Keep a record for archived software, but do not make it available for install.

    Current software is regularly used and should be available for install.

    Deployment

    • Are you using tools to integrate with the DML for deployment?
    • Store files that are ready for automated deployment in a separate location.

    Identify storage locations for software information and media

    Associated Activity icon 2.2.1 Identify software storage locations

    Participants: Asset Manager, IT Director

    Document: Document in the Standard Operating Procedures.

    1. Identify storage locations for asset data that is received (i.e. ITAM database, DML).
    2. Identify information that should be stored with each asset (i.e. license, serial number, invoice, end-user license agreement) and where this information should be stored.
    3. Identify fields that should be populated in the DML for each record:
      • Product name
      • Version
      • Description
      • Authorized by
      • Received by/date
      • Configuration item on which asset is installed
      • Media
      • Physical and backup locations
      • Verified by/date

    Define the standard process for receiving software

    Define the following in your receiving process:

    • Process for software received by email/download
    • Process for physical material received at Service Desk
    • Information to be recorded and where
    • Process following discrepancy of received software
    A flowchart outlining the standard process for receiving software. There are two levels, at the top is 'Desktop Support Team' and the bottom is 'Procurement'. It begins in 'Desktop Support Team' with 'Received at Service Desk' or 'Receive by email/download'. If the reconciliation is correct it eventually moves on to 'Fulfill service request, deliver and close ticket'. If the reconciliation is not correct it moves to 'Contact vendor with discrepancy details' in 'Procurement'. If a return is required 'Repackage and ship', or if not 'Notify Desktop Support Team of resolution'.

    Design the workflow for receiving software

    Associated Activity icon 2.2.2 Design the workflow for receiving software

    Participants: Asset Manager, Purchasing, Service Desk Manager, Operations (optional)

    Document: Document in the Standard Operating Procedures.

    Option 1: Whiteboard

    1. Discuss the workflow and draw it on the whiteboard.
    2. Assess whether you are using the best workflow. Modify it if necessary.
    3. Use the sample workflow from this step as a guide if starting from scratch.
    4. Engage the team in refining the process workflow.
    5. Transfer data to Visio and add to the SOP.

    Option 2: Tabletop Exercise

    1. Distribute index cards to each member of the team.
    2. Have each person write a single task they perform on the index card. Be granular. Include the title or the name of the person responsible.
    3. Mark cards that are decision points. Use a card of a different color or use a marker to make a colored dot.
    4. Arrange the index cards in order, removing duplicates.
    5. Assess whether you are using the best workflow. Engage the team to refine it if necessary.
    6. Transfer data to Visio and add to the SOP.

    Build release management into your software deployment process

    A sound software deployment process is tied to sound release management practices.

    Releases: A collection of authorized changes to an IT service. Releases are divided into:

    • Major software releases/upgrades: Normally containing large areas of new functionality, some of which may make intervening fixes to redundant problems.
    • Minor software releases/upgrades: Normally containing small enhancements and fixes, some of which may have already been issued as emergency fixes.
    • Emergency software fixes: Contain the corrections to a small number of known problems.

    Ensure that release management processes work with SAM processes:

    • If a release will impact licensing, the SAM manager must be made aware to make any necessary adjustments.
    • Deployment models should be in line with SAM strategy (i.e. is software rolled out to everyone or individually when upgrades are needed?).
    • How will user requests for upgrades be managed?
    • Users should be on the same software version to ensure file compatibility and smooth patch management.
    • Ideally, software should be no more than two versions back.

    Document the process workflow for software deployment

    Define the process for deploying software to users.

    Include the following in your workflow:

    • All necessary approvals
    • Source of software
    • Process for standard vs. non-standard software requests
    • Update ITAM database once software has been installed with license data and install information
    A flowchart outlining the process workflow for software deployment. There are four levels, at the top is 'Business', then 'Desktop Support Team', 'Procurement', and the bottom is 'Asset Manager'. It begins in 'Business' with 'Request for software', and if it is approved by the manager it moves to 'Check DB: Can a volume serial # be used?' in 'Desktop Support Team'. If yes, it eventually moves on to 'Close ticket' on the same level, if not it eventually moves to 'Initiate procurement process' in 'Procurement', 'Initiate receiving process' in 'Asset Manager', and finally to 'Run quarterly license review to purchase volume licenses'.

    Large-scale software rollouts should be run as projects

    Rollouts or upgrades of large quantities of software will likely be managed as projects.

    These projects should include project plans, including resources, timelines, and detailed procedures.

    Define the process for large-scale deployment if it will differ from the regular deployment process.

    A flowchart outlining large-scale software rollouts. There are three levels, at the top is 'IT Procurement', then 'Asset Manager', and the bottom is 'Software Packager'. It begins in 'IT Procurement' with 'Project plan approved', and if a bid is not required it skips to 'Sign contract/Create purchase order'. This eventually moves to 'Receive access to eLicense site/receive access to new product' in 'Asset Manager', and either to 'Approve invoice for payment, forward to accounting' on the same level or to 'Download software, license keys' in 'Software Packager' then eventually to 'Deploy'.

    Design and document the deployment workflow(s)

    Associated Activity icon 2.2.3 Document deployment workflows for desktop and large-scale deployment

    Participants: Asset Manager, Service Desk Manager, Release & Deployment Manager

    Document: Document in the Standard Operating Procedures.

    1. Outline each step in the process of software deployment using notecards or on a whiteboard. Be as granular as possible. On each card, describe the step and the individual responsible for each step.
      • Be sure to identify the type of release for standard software releases and patches.
      • Additionally, identify how additional software outside the scope of the base image will be addressed.
    2. When you are satisfied that each step is accurately captured, use a second color of notecard to document any challenges, inefficiencies, or pains associated with each step. Consider further documenting the time on each task.
    3. Examine each challenge or pain point. Discuss whether there is a clear solution to the problem. If so, document the solution and amend the workflow. If not, engage in a broader discussion of possible solutions, considering people, processes, and available technology.
    4. Document separately the process for large-scale software deployment if required.

    Develop standards to streamline your software estate

    Software should be approved and deployed based on approved standards to minimize over-deployed software and manage costs appropriately. A list of standard software improves the efficiency of the software approval process.

    • Pre-approved titles include basic platforms like Office or Adobe Reader that are often available in enterprise-wide license packages.
    • Approved titles include popular titles with license numbers that need to be managed on a role-by-role basis. For example, if most of your marketing team uses the Adobe Creative Suite, a user still needs to get approval before they can get a license.
    • Unapproved titles are managed on a case-by-case basis and are up to the discretion of the asset manager and other involved parties.

    Additionally, create a list of unauthorized software including titles not to be installed under any circumstances. This list should be designed with feedback from your end users and technical support staff. Front-line knowledge is crucial to identifying which titles are causing major problems.

    Create a list of pre-approved, approved, and unapproved software titles

    Associated Activity icon 2.2.4 Determine software categories for deployment

    Participants: IT Director, Asset Manager, Purchasing (optional), Service Desk Manager (optional), Release & Deployment Manager (optional)

    Document: Document in the Standard Operating Procedures.

    1. Define software categories that will be used to build software standards.
    2. Include definitions of each category.
    3. Add examples of software to each category to begin building list of approved software titles for deployment.

    Use the following example as a guide.

    Category Definition Software titles
    Pre-approved/standard
    • Supported and approved for install for all end users
    • Included on most, if not all devices
    • Typically installed as a base image
    • Microsoft Office (Outlook, Word, Excel, PowerPoint)
    • Adobe Reader
    • Windows
    Approved by role
    • Supported and approved for install, but only for certain groups of end users
    • Popular titles with license numbers that need to be managed on a role-by-role basis
    • Pre-approved for purchase with business manager’s approval
    • Adobe Creative Cloud Suite
    • Adobe Acrobat Pro
    • Microsoft Visio
    Unapproved/requires review
    • Not previously approved or installed by IT
    • Special permission required for installation based on demonstrable business need
    • Managed on a case-by-case basis
    • Up to the discretion of the asset manager and other involved parties
    • Dynamics
    • Zoom Text
    • Adaptive Insights
    Unauthorized
    • Not to be installed under any circumstances
    • Privately owned software
    • Pirated copies of any software titles
    • Internet downloads

    Define the review and approval process for non-standard software

    Software requiring review will need to be managed on a case-by-case basis, with approval dependent on software evaluation and business need.

    The evaluation and approval process may require input from several parties, including business analysts, Security, technical team, Finance, Procurement, and the manager of the requestor’s department.

    A flowchart outlining the review and approval process for non-standard software. There are five levels, at the top is 'Business Analyst/Project Manager', then 'Security Team', 'Technical Team', 'Financial & Contract Review' and the bottom is 'Procurement'. It begins in 'Business Analyst/Project Manager' with 'Request for non-standard software', and if the approved product is available it moves to 'Evaluate tool for security, data, and privacy compliance' in 'Security Team'. If more evaluation is necessary it moves to 'Evaluate tool for infrastructure and integration requirements' in 'Technical Team', and then 'Evaluate terms and conditions' in 'Financial & Contract Review'. At any point in the evaluation process it can move back to the 'Business Analyst/Project Manager' level for 'Assemble requirements details', and finally down to the 'Procurement' level for 'Execute purchase'.

    Document the request and deployment process for non-standard software

    Associated Activity icon 2.2.5 Document process for non-standard software requests

    Participants: Asset Manager, Service Desk Manager, Release & Deployment Manager

    Document: Document in the Standard Operating Procedures.

    Define the review and approval process for non-standard software requests.

    Use the workflow on the previous slide as a guide to map your own workflow process and document the steps in the Standard Operating Procedures.

    The following assessments may need to be included in the process:

    • Functionality and use requirements: May include suggestion back to the business before proceeding any further to see if similar, already approved software could be used in its place.
    • Technical specifications: Cloud, data center, hardware, backups, integrations (Active Directory, others), file, and program compatibility.
    • Security: Security team may need to assess to ensure nothing will install that will compromise data or systems security.
    • Privacy policy: Security and compliance team may need to evaluate the solution to ensure data will be secured and accessed only by authorized users.
    • Terms and conditions: The contracts team may evaluate terms and conditions to ensure contracts and end-user agreements do not violate existing standards.
    • Accessibility and compliance: Software may be required to meet accessibility requirements in accordance with company policies.

    BMW deployed a global data centralization program to achieve 100% license visibility

    Logo for BMW.

    Case Study

    Industry: Financial Services
    Source: SAM Summit 2014

    Challenge

    BMW is a large German automotive manufacturer that employs over 100,000 people. It has over 7,000 software products deployed across 106,000 clients and servers in over 150 countries.

    When the global recession hit in 2008, the threat of costly audits increased, so BMW decided to boost its SAM program to cut licensing costs. It sought to centralize inventory data from operations across the globe.

    Solution

    A new SAM office was established in 2009 in Germany. The SAM team at BMW began by processing all the accumulated license and installation data from operations in Germany, Austria, and the UK. Within six months, the team had full visibility of all licenses and software assets.

    Compliance was also a priority. The team successfully identified where they could make substantial reductions in support and maintenance costs as well as remove surplus costs associated with duplicate licensing.

    Results

    BMW overcame a massive data centralization project to achieve 100% visibility of its global licensing estate, an incredible achievement given the scope of the operation.

    BMW experienced efficiency gains due to transparency and centralized management of licenses through the new SAM office.

    Additionally, internal investment in training and technical knowledge has helped BMW continuously improve the program. This has resulted in ongoing cost reductions for the manufacturer.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    Photo of an Info-Tech analyst.
    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    2.1.5

    Sample of activity 2.1.5 'Build software procurement workflow for new contracts'. Build software procurement workflow for new contracts

    Use the sample workflow to document your own process for procurement of new software contracts.

    2.2.4

    Sample of activity 2.2.4 'Create a list of pre-approved, approved, and unapproved software titles'. Create a list of pre-approved, approved, and unapproved software titles

    Build definitions of software categories to inform software standards and brainstorm examples of each category.

    Phase 2 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 2: Procure, receive, and deploy

    Proposed Time to Completion (in weeks): 6
    Step 2.1: Request and procureStep 2.2: Receive and deploy
    Start with an analyst kick-off call:
    • Define standards for software requests
    • Build procurement policy
    • Define procurement processes
    Review findings with analyst:
    • Build processes for software receiving
    • Build processes for software requests and deployment
    • Define process for non-standard requests
    Then complete these activities…
    • Determine software standards
    • Define procurement policy
    • Identify authorization thresholds
    • Build procurement workflows for new contracts and renewals
    Then complete these activities…
    • Identify storage locations for software information
    • Design workflow for receiving software
    • Design workflow for software deployment
    • Create a list of approved and non-standard requests
    • Define process for non-standard requests
    With these tools & templates:
    • Standard Operating Procedures
    With these tools & templates:
    • Standard Operating Procedures

    Phase 3: Manage, Redeploy, and Retire

    Step 3.1 Manage and maintain software contracts

    Phase 3:
    Manage, Redeploy & Retire
    This step will walk you through the following activities:This step involves the following participants:

    3.1

    Manage & Maintain Software
    • 3.1.1 Define process for conducting software inventory
    • 3.1.2 Define policies for software maintenance and patches
    • 3.1.3 Document your patch management policy
    • IT Director, CIO
    • IT Managers and SAM Manager
    • SAM Team
    • Release Manager (optional)
    • Security (optional)

    3.2

    Harvest, Redeploy, or Retire

    Step Outcomes

    • A process for conducting regular software inventory checks and analyzing the data to continually manage software assets and license compliance.
    • An understanding of software maintenance requirements
    • A policy for conducting regular software maintenance and patching
    • A documented patch management policy

    Manage your software licenses to decrease your risk of overspending

    Many organizations fail to track their software inventory effectively; the focus often remains on hardware due to its more tangible nature. However, annual software purchases often account for a higher IT spend than annual hardware purchases, so it’s important to track both.

    Benefits of managing software licenses

    • Better control of the IT footprint. Many companies already employ hardware asset management, but when they employ SAM, there is potential to save millions of dollars through optimal use of all technology assets.
    • Better purchasing decisions and negotiating leverage. Enhanced visibility into actual software needs means not only can companies procure and deploy the right increments of software in the right areas, but they can also do so more cost-effectively through tools such as volume purchase agreements or bundled services.
    • No refund policy combined with shelfware (software that sits unused “on the shelf”) is where software companies make their money.
    • Managing licenses will help prevent costly audit penalties. Special attention should be paid to software purchased from large vendors such as Microsoft, Oracle, Adobe, SAP, or IBM.

    Maintain a comprehensive, up-to-date software inventory to manage licenses effectively

    A clearly defined process for inventory management will reduce the risk of over buying licenses and falling out of compliance.

    • A detailed software inventory and tracking system should act as a single point of contact for all your license data.
    • Maintain a comprehensive inventory of installed software through complete and accurate records of all licenses, certifications, and software purchase transactions, storing these in a secure repository.
    • Periodically review installed software and accompanying licenses to ensure only legal and supported software is in use and to ensure ongoing compliance with the software management policy.

    Info-Tech Best Practice

    Have and maintain a list of supported software to guide what new software will be approved for purchase and what current software should be retained on the desktops, servers, and other processing devices.

    Conduct a baseline inventory of deployed software to know what you have

    You have to know what you have before you can manage it.

    A baseline inventory tells you exactly what software you have deployed and where it is being used. This can help to determine how to best optimize software and license usage.

    A software inventory will allow you to:

    • Identify all software residing on computers.
    • Compare existing software to the list of supported software.
    • Identify and delete illegal or unsupported software.
    • Identify and stop software use that violates license agreements, copyright law, or organizational policies.

    Two methods for conducting a software inventory:

    1. If you have several computers to analyze, use automated tools to conduct inventory for greater accuracy and efficiency. Software inventory or discovery tools scan installed software and generate inventory reports, while asset management tools will help you manage that data.
    2. Manual inventory may be possible if your organization has few computers.

    How to conduct a manual software inventory:

    1. Record serial number of device being analyzed.
    2. Record department and employee to whom the computer is assigned.
    3. Inspect contents of hard drive and/or server to identify software as well as hidden files and directories.
    4. Record licensing information for software found on workstation and server.
    5. Compare findings with list of supported software and licenses stored in repository.

    Keep the momentum going through regular inventory and licensing checks

    Take preventive action to avoid unauthorized software usage through regular software inventory and license management:

    • Regularly update the list of supported software and authorized use.
    • Monitor and optimize software license usage.
    • Continually communicate with and train employees around software needs and policies.
    • Maintain a regular inventory schedule to keep data up to date and remain compliant with licensing requirements – your specific schedule will depend on the size of the company and procurement schedule.
    • Conduct random spot inventories – even if you are using a tool, periodic spot checks should still be performed to ensure accuracy of inventory.
    • Periodically review software procurement records and ensure procurement process is being followed.
    • Continuously monitor software installations on networked computers through automated tools.
    • Ensure software licensing documentation and data is secure.

    Define process for conducting software inventory

    Associated Activity icon 3.1.1 Define process for regular software inventory

    Participants: IT Director, Asset Manager

    Document: Document in the Standard Operating Procedures.

    1. If a baseline software inventory has not been conducted, discuss and document a plan for completing the inventory.
      • Will the inventory be conducted manually or through automated tools?
      • If manually, what information will be collected and recorded? Which devices will be analyzed? Where will data be stored?
      • If automatically, which tools will be used? Will any additional information need to be collected? Who will have access to the inventory?
      • When will the inventory be conducted and by whom?
        • Monthly inventory may be required if there is a lot of change and movement, otherwise quarterly is usually sufficient.
    2. Document how inventory data will be analyzed.
      • How will data be compared against supported software?
      • How will software violations be addressed?
    3. Develop a plan for continual inventory spot checks and maintenance.
      • How often will inventory be conducted and/or analyzed?
      • How often will spot checks be performed?

    Don’t forget that software requires maintenance

    While maintenance efforts are typically focused around hardware, software maintenance – including upgrades and patches – must be built into the software asset management process to ensure software remains compliant with security and regulatory requirements.

    Software maintenance guidelines:

    • Maintenance agreements should be stored in the ITAM database.
    • Software should be kept as current as possible. It is recommended that software remain no more than two versions off.
    • Unsupported software should be uninstalled or upgraded as required.
    • Upgrades should be tested, especially for high-priority or critical applications or if integrated with other applications.
    • Change and release management best practices should be applied for all software upgrades and patches.
    • A process should be defined for how often patches will be applied to end-user devices.

    Integrate patch management with your SAM practice to improve security and reduce downtime

    The integration between patch management and asset management is incredibly valuable from a technology point of view. IT asset management (ITAM) tools create reports on the characteristics of deployed software. By combining these reports with a generalized software updater, you can automate most simple patches to save your team’s efforts for more-critical incidents. Usage reports can also help determine which applications should be reviewed and removed from the environment.

    • In recent years, patch management has grown in popularity due to widespread security threats, the resultant downtime, and expenses associated with them.
    • The main objective of patch management is to create a consistently configured environment that is secure against known vulnerabilities in operating systems and application software.

    Assessing new patches should include questions such as:

    • What’s the risk of releasing the patch? What is the criticality of the system? What end users will be affected?
    • How will we manage business disruption during an incident caused by a failed patch deployment?
    • In the event of service outage as a result of a failed patch deployment, how will we recover services effectively in business priority order?
    • What’s the risk of expediting the patch? Of not releasing the patch at all?

    Define policies for software maintenance and patches

    Associated Activity icon 3.1.2 Define software maintenance and patching policies

    Participants: IT Director, Asset Manager, Release Manager (optional), Security (optional)

    Document: Document in the Standard Operating Procedures.

    Software maintenance:

    Review the software maintenance guidelines in this section and in the SOP template. Discuss each policy and revise and document in accordance with your policies.

    Patch management:

    Discuss and document patch management policies:

    1. How often will end-user devices receive patches?
    2. How often will servers be patched?
    3. How will patches be prioritized? See example below.
      • Critical patches will be applied within two days of release, with testing prioritized to meet this schedule.
      • High-priority patches will be applied within 30 days of release, with testing scheduled to meet this requirement.
      • Normal-priority patches will be evaluated for appropriateness and will be installed as needed.

    Document your patch management policy

    Supporting Tool icon 3.1.3 Use the Patch Management Policy template to document your policy

    The patch management policy helps to ensure company computers are properly patched with the latest appropriate updates to reduce system vulnerability and to enhance repair application functionality. The policy aids in establishing procedures for the identification of vulnerabilities and potential areas of functionality enhancements, as well as the safe and timely installation of patches. The patch management policy is key to identifying and mitigating any system vulnerabilities and establishing standard patch management practices.

    Use Info-Tech’s Patch Management Policy template to get started.

    Sample of the 'Patch Management Policy' template.

    Step 3.2 Harvest, Redeploy, or Retire Software

    Phase 3:
    Manage, Redeploy & Retire
    This step will walk you through the following activities:This step involves the following participants:

    3.1

    Manage & Maintain Software
    • 3.2.1 Map your software license harvest and reallocation process
    • 3.2.2 Define the policy for retiring software
    • IT Director, CIO
    • IT Managers and SAM Manager
    • SAM Team

    3.2

    Harvest, Redeploy, or Retire

    Step Outcomes

    • A defined process for harvesting and reallocating unused software licenses
    • A defined policy for how and when to retire unused or outdated software

    Harvest and reallocate software to optimize license usage

    Using a defined process for harvesting licenses will yield a crop of savings throughout the organization.

    Unused software licenses are present in nearly every organization and result in wasted resources and software spend. Recycling and reharvesting licenses is a critical process within software asset management to save your organization money.

    Licensing Recycling

    When computers are no longer in use and retired, the software licenses installed on the machines may be able to be reused.

    License recycling involves reusing these licenses on machines that are still in use or for new employees.

    License Harvesting

    License harvesting involves more actively identifying machines with licenses that are either not in use or under utilized, and recovering them to be used elsewhere, thus reducing overall software spend on new licenses.

    Use software monitoring data to identify licenses for reallocation in alignment with policies and agreements

    1. Monitor software usage
      Monitor and track software license usage to gain a clear picture of where and how existing software licenses are being used and identify any unused or underused licenses.
    2. Identify licenses for reharvesting
      Identify software licenses that can be reharvested and reallocated according to your policy.
    3. Uninstall software
      Notify user, schedule a removal time if approved, uninstall software, and confirm it has been removed.
    4. Reallocate license when needed

    Sources of surplus licenses for harvest:

    • Projects that required a license during a particular time period, but now do not require a license (i.e. the free version of the software will suffice)
    • Licenses assigned to users no longer with the organization
    • Software installed on decommissioned hardware
    • Installed software that hasn’t been used by the user in the last 90 days (or other defined period)
    • Over-purchased software due to poorly controlled software request, approval, or provisioning processes

    Info-Tech Insight

    Know the stipulations of your end-user license agreement (EULA) before harvesting and reallocating licenses. There may be restrictions on how often a license can be recycled in your agreement.

    Create a defined process for software license harvesting

    Define a standard reharvest timeline. For example, every 90 days, your SAM team can perform an internal audit using your SAM tool to gather data on software usage. If a user has not used a title in that time period, your team can remove that title from that user’s machine. Depending on the terms and conditions of the contract, the license can either be retired or harvested and reallocated.

    Ensure you have exception rules built in for software that’s cyclical in its usage. For example, Finance may only use tax software during tax season, so there’s no reason to lump it under the same process as other titles.

    It’s important to note that in addition to this process, you will need a software usage policy that supports your license harvest process.

    The value of license harvesting

    • Let’s say you paid for 1,000 licenses of a software title at a price of $200 per license.
    • Of this total, 950 have been deployed, and of that total, 800 are currently being used.
    • This means that 16% of deployed licenses are not in use – at a cost of $30,000.
    • With a defined license harvest process, this situation would have been prevented.

    Build a workflow to document the software harvest process

    Include the following in your process:

    • How will unused software be identified?
    • How often will usage reports be reviewed?
    • How will the user be notified of software to be removed?
    • How will the software be removed?
    A flowchart documenting the software harvest process. There are two levels, at the top is 'IT Asset Manager', and the bottom is 'Desktop Support Team'. It begins in 'IT Asset Manager' with 'Create/Review Usage Report', and if the client agrees to removal it moves to 'License deactivation required?' in 'Desktop Support Team'. Eventually you 'Close ticket' and it moves back up to 'Discovery tool will register change automatically' in 'IT Asset Manager'.

    Map your software license harvest and reallocation process

    Associated Activity icon 3.2.1 Build license harvest and reallocation workflow

    Participants: IT Director, Asset Manager, Service Desk Manager

    Document: Document in the Standard Operating Procedures.

    1. Outline each step in the process of software harvest and reallocation using notecards or a whiteboard. Be as granular as possible. On each card, describe the step and the individual responsible for each step.
    2. When you are satisfied that each step is accurately captured, use a second color of notecard to document any challenges, inefficiencies, or pains associated with each step. Consider further documenting the time on each task.
    3. Examine each challenge or pain point. Discuss whether there is a clear solution to the problem. If so, document the solution and amend the workflow. If not, engage in a broader discussion of possible solutions, considering people, processes, and available technology.
    4. Use the sample workflow on the previous slide as a guide if needed.

    The same flowchart documenting the software harvest process from the previous section.

    Improve your software retirement process to drive savings for the whole business

    Business Drivers for Software Disposal

    • Cost Reduction
      • Application retirement allows the application and the supporting hardware stack to be decommissioned.
      • This eliminates recurring costs such as licensing, maintenance, and application administration costs, representing potentially significant savings
    • Consolidation
      • Many legacy applications are redundant systems. For example, many companies have ten or more legacy financial systems from mergers/acquisitions.
      • Systems can be siloed, running incompatible software. Moving data to a common accessible repository streamlines research, audits, and reporting.
    • Compliance
      • An increased focus on regulations places renewed emphasis on e-discovery policies. Keeping legacy applications active just to retain data is an expensive proposition.
      • During application retirement, data is classified, assigned retention policies, and disposed of according to data/governance initiatives.
    • Risk Mitigation
      • Relying on IT to manage legacy systems is problematic. The lack of IT staff familiar with the application increases the potential risk of delayed responses to audits and e-discovery.
      • Retiring application data to a common platform lets you leverage skills you have current investments in. This enables you to be responsive to audit or litigation results.

    Retire your outdated software to decrease IT spend on redundant applications

    Benefits of software retirement:

    1. Assists the service desk in not having to support every release, version, or edition of software that your company might have used in the past.
    2. Stay current with product releases so your company is better placed to take advantage of improvements built-in to such products, rather than being limited by the lack of a newly introduced function.
    3. Removing software that is no longer of commercial benefit can offer a residual value through assets.

    Consequences of continuing to support outdated software:

    • Budgets are tied up to support existing applications and infrastructure, which leaves little room to invest in new technologies that would otherwise help grow business.
    • Much of this software includes legacy systems that were acquired or replaced when new applications were deployed. The value of these outdated systems decreases with every passing year, yet organizations often continue to support these applications.
      • Fear of compliance and data access are the most common reasons.
    • Unfortunately, the cost of doing so can consume over 50% of an overall IT budget.

    The solution to this situation is to retire outdated software.

    “Time and time again, I keep hearing stories from schools on how IT budgets are constantly being squeezed, but when I dig a little deeper, little or no effort is being made on accounting for software that might be on the kit we are taking away.” (Phil Goldsmith, Managing Director – ScrumpyMacs)

    Define the policy for retiring software

    Associated Activity icon 3.2.2 Document process for software retirement

    Participants: IT Director, Asset Manager, Operations

    Document: Document in the Standard Operating Procedures.

    1. Discuss and document the process for retiring software that has been deemed redundant due to changing business needs or an improvement in competitive options.
    2. Consider the following:
      • What criteria will determine when software is suited for retirement?
      • The contract should always be reviewed before making a decision to ensure proper notice is given to the vendor.
      • Notice should be provided as soon as possible to ensure no additional billing arrives for renewals.
      • How will software be removed from all devices? How soon must the software be replaced, if applicable?
      • How long will records be archived in the ITAM database?
    3. Document decisions in the Standard Operating Procedures.

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    Photo of an Info-Tech analyst.
    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    3.1.2

    Sample of activity 3.1.2 'Define policies for software maintenance and patches'. Define policies for software maintenance and patches

    Discuss best practices and define policies for conducting regular software maintenance and patching.

    3.2.1

    Sample of activity 3.3.1 'Assess the maturity of audit management processes and policies'. Map your software license harvest and reallocation process

    Build a process workflow for harvesting and reallocating unused software licenses.

    Phase 3 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 3: Manage, redeploy, and retire

    Proposed Time to Completion (in weeks): 4
    Step 3.1: Manage and maintain softwareStep 3.2: Harvest, redeploy, or retire
    Start with an analyst kick-off call:
    • Define a process for conducting software inventory
    • Define a policy for software maintenance
    • Build a patch management policy
    Review findings with analyst:
    • Build a process for harvesting and reallocating software licenses
    • Define a software retirement policy
    Then complete these activities…
    • Define process for conducting software inventory
    • Define policies for software maintenance
    • Document patch management policy
    Then complete these activities…
    • Map software harvest and reallocation process
    • Define software retirement policy
    With these tools & templates:
    • Standard Operating Procedures
    • Patch Management Policy
    With these tools & templates:
    • Standard Operating Procedures

    Phase 4: Build Supporting Processes & Tools

    Visa used an internal SAM strategy to win the audit battle

    Logo for VISA.

    Case Study

    Industry: Financial Services
    Source: SAM Summit 2014

    Challenge

    The overarching goal of any SAM program is compliance to prevent costly audit fines. The SAM team at Visa was made up of many individuals who were former auditors.

    To deal with audit requests from vendors, “understand how auditors do things and understand their approach,” states Joe Birdsong, SAM Director at Visa.

    Vendors are always on the lookout for telltale signs of a lucrative audit. For Visa, the key was to understand these processes and learn how to prepare for them.

    Solution

    Vendors typically look for the following when evaluating an organization for audit:

    1. A recent decrease in customer spend
    2. How easy the licensed software is to audit
    3. Organizational health

    Ultimately, an audit is an attack on the relationship between the vendor and organization. According to Birdsong: “Maybe they haven’t really touched base with your teams and had good contact and relationship with them, and they don’t really know what’s going on in your enterprise.”

    Results

    By understanding the motivations behind potential audits, Visa was able to form a strategy to increase transparency with the vendor.

    Regular data collection, almost real-time reporting, and open, quick communication with the vendor surrounding audits made Visa a low-risk client for vendors.

    Buy-in from management is also important, and the creation of an official SAM strategy helps maintain support. Thanks to its proactive SAM program, Visa saved $200 million in just three years.

    Step 4.1 Ensure compliance for audits

    Phase 4:
    Build supporting processes & tools
    This step will walk you through the following activities:This step involves the following participants:

    4.1

    Compliance & audits
    • 4.1.1 Define and document the internal audit process
    • 4.1.2 Define and document the external audit process
    • 4.1.3 Prepare an audit scoping email template
    • 4.1.4 Prepare an audit launch email template
    • IT Director, CIO
    • IT Managers and SAM Manager
    • SAM Team

    4.2

    Communicate & build roadmap

    Step Outcomes

    • An understanding of the audit process and importance of audit preparation
    • A defined process for conducting regular internal audits to prepare for and defend against external audits
    • A strategy and documented process for responding to external audit requests

    Take a lifecycle approach to your software compliance process

    Internal audits are an effective way for organizations to regularly assess their licensing position in preparation for an audit.

    1. Gather License Data
      Use your SAM tool to run a discovery check to determine the current state of your software estate.
    2. Improve Data Quality
      Scan the data for red flags. Improve its completeness, consistency, and quality.
    3. Identify Audit Risks
      Using corrected license data, examine your reports and identify areas of risk within the organization.
    4. Identify priority titles
      Determine which titles need attention first by using the output of the license rationalization step.
    5. Reconcile to eliminate gaps
      Ensure that the correct number of licenses are deployed for each title.
    6. Draft Vendor Response
      Prepare response to vendor for when an audit has been requested.

    Improve audit response maturity by leveraging technology and contract data

    By improving your software asset management program’s maturity, you will drive savings for the business that go beyond the negotiating table.

    Recognize the classic signs of each stage of audit response maturity to identify where your organization currently stands and where it can go.

    • Optimized: Automated tools generate compliance, usage, and savings reports. Product usage reports and alerts in place to harvest and reuse licenses. Detailed savings reports provided to executive team.
    • Proactive: Best practices enforced. Compliance positions are checked quarterly, and compliance reports are used to negotiate software contracts.
    • Reactive: Best practices identified but unused. Manual tools still primarily in use. Compliance reports are time-consuming and often inaccurate.
    • Chaotic: Purchases are ad hoc and transaction based. Minimal tracking in place, leading to time-consuming manual processes.

    Implement a proactive internal audit strategy to defend against external audits

    Audits – particularly those related to software – have been on the rise as vendors attempt to recapture revenue.

    Being prepared for an audit is critical. Internal preparation will not only help your organization reduce the risk associated with an audit but will also improve daily operations through focusing on diligent documentation and data collection.

    Conducting routine internal audits will help prepare your organization for the real deal and may even prevent the audit from happening altogether. Hundreds of thousands of dollars can be saved through a proactive audit strategy with routine documentation in place.

    In addition to the fines incurred from a failed audit, numerous other negative consequences can arise:

    • Multiple audits: Failing an audit makes the organization more likely to be audited again.
    • Poor perception of IT: Unless non-compliance was previously disclosed to the business, IT can be deemed responsible.
    • Punitive injunctions: If a settlement is not reached, vendors will apply for an injunction, inhibiting use of their software.
    • Inability to justify purchases: IT can have difficulty justifying the purchase of additional resources after a failed audit.
    • Disruption to business: Precious time and resources will be spent dealing with the results of the audit.

    Perform routine internal compliance reports to decrease audit risk

    The intent of an internal audit is to stop the battle from happening before it starts. Waiting for a knock at the door from a vendor can be stressful, and it can do harm beyond a costly fine.

    • Internal audits help to ensure you’re keeping track of any software changes to keep your data and licensing up to date and avoid costly surprises if an external audit is requested.
    • Identify areas where processes are breaking down and address them before there’s a potential negative impact.
    • Identify control points in processes ahead of time to more easily identify access points where information should be verified.

    “You want to get [the] environment to a level where you’re comfortable sharing information with [a] vendor. Inviting them in to have a chat and exposing numbers means there’s no relationship there where they’re coming to audit you. They only come to audit you when they know there’s a gain to be had, otherwise what’s the point of auditing?
    I want customers to get comfortable with licensing and what they’re spending, and then there’s no problem exposing that to vendors. Vendors actually appreciate that.”
    (Ben Brand, SAM Practice Manager, Insight)

    Info-Tech Insight

    “The supreme art of war is to subdue the enemy without fighting.” – Sun Tzu

    Performing routine checks on your license compliance will drastically reduce the risk that your organization gets hit with a costly fine. Maintaining transparency and demonstrating compliance will fend off audit-hungry vendors.

    Define and document the internal audit process

    Associated Activity icon 4.1.1 Document process and procedures for internal audits

    Participants: CIO and/or IT Director, Asset Manager, IT Managers

    Document: Document in the Standard Operating Procedures.

    Define and document a process for conducting internal software audits.
    Include the following:

    1. How often will audits be completed for each software published?
    2. When will audits be conducted?
    3. Who will conduct the audit? Who will be consulted?
    4. What will be included in the scope of the audit?

    Example:

    • Annual audits will be completed for each software publisher, scheduled as part of the license or maintenance agreement renewals.
    • Where annual purchases are not required, vendor audits for compliance will be conducted annually, with a date predetermined based on minimizing scheduling conflicts with larger audits.
    • Audit will be completed with input from product managers.
    • Audit will include:
      • Software compliance review: Licenses owned compared to product installed.
      • Version review: Determine if installed versions match company standards. If there is a need for upgrades, does the license permit upgrading?
      • Maintenance review: Does the maintenance match requirements for the next year’s plans and licenses in use?
      • Support review: Is the support contract appropriate for use?
      • Budget: Has budget been allocated; is there an adjustment required due to increases?

    Identify organizational warning signs to decrease audit risk

    Being prepared for an audit is critical. Internal preparation will not only help your organization reduce the risk associated with an audit but will also improve daily operations through focusing on diligent documentation and data collection.

    Certain triggers exist that indicate a higher risk of an audit occurring. It is important to recognize these warning signs so you can prepare accordingly.

    Health of organization
    If your organization is putting out fires and a vendor can sense it, they’ll see an audit as a highly lucrative exercise.

    Decrease in customer spend
    A decrease in spend means that an organization has a high chance of being under-licensed.

    License complexity
    The more complex the license, the harder it is to remain in compliance. Some vendors are infamous for their complex licensing agreements.

    Audit Strategy

    • Audits should neither be feared nor embraced.
    • An audit is an attack on your relationship with your vendor; your vendor needs to defend its best interests, but it would also rather maintain a satisfied relationship with its client.
    • A proactive approach to audits through routine reporting and transparency with vendors will alleviate all fear surrounding the audit process. It provides your vendor with compliance assurance and communicates that an audit won’t net the vendor enough revenue to justify the effort.

    Focus on three key tactics for success before responding to an audit

    Taking these due diligence steps will pay dividends downstream, reducing the risk of negative results such as release of confidential information.

    Form an Audit Team

    • Once an audit letter is received from a vendor or third party, a virtual team needs to be formed.
    • The team should be cross-functional, representing various core areas of the business.
    • Don’t forget legal counsel: they will assist in the review of audit provision(s) to determine your contractual rights and obligations with respect to the audit.

    Sign an NDA

    • An NDA should be signed by all parties, the organization, the vendor, and the auditor.
    • Don’t wait on a vendor to provide its NDA. The organization should have its own and provide it to both parties.
    • If the auditor is a third party, negotiate a three-way NDA. This will prevent data being shared with other third parties.

    Examine Contract History

    • Vendors will attempt to alter terms of contracts when new products are purchased.
    • Maintain your current agreement if they are more favorable by “grandfathering” your original agreement.
    • Oracle master level agreements are an example: master level agreements offer more favorable terms than more recent versions.

    Info-Tech Insight

    Even if you cannot get a third-party NDA signed, the negotiation process should delay the overall audit process by at least a month, buying your organization valuable time to gather license data.

    Be prepared for external audit requests with a defined process for responding

    1. Vendor-initiated audit request received and brought to attention of IT Asset Manager and CIO.
    2. Acknowledge receipt of audit notice.
    3. Negotiate timing and scope of the audit (including software titles, geographic locations, entities, and completion date).
    4. Notify staff not to remove or acquire licenses for software under audit.
    5. Gather documentation and create report of all licensed software within audit scope.
      • Include original contract, most recent contract, and any addendums, purchase receipts, or reseller invoices, and publisher documentation such as manuals or electronic media.
    6. Compare documentation to installed software according to ITAM database.
    7. Validate any unusual or non-compliant software.
    8. Complete documentation requested by auditor and review results.

    Define and document the external audit process

    Associated Activity icon 4.1.2 Define external audit process

    Participants: CIO and/or IT Director, Asset Manager, IT Managers

    Document: Document in the Standard Operating Procedures.

    Define and document a process for responding to external software audit requests.
    Include the following:

    1. Who must be notified of the audit request when it is received?
    2. When must acknowledgement of the notice be sent and by whom?
    3. What must be defined under the scope of the audit (e.g. software titles, geographic locations, entities, completion date)?
    4. What communications must be sent to IT staff and end users to ensure compliance?
    5. What documentation should be gathered to review?
    6. How will documentation be verified against data?
    7. How will unusual or non-compliant software be identified and validated?
    8. Who needs to be informed of the results?

    Control audit scope with an audit response template

    Supporting Tool icon 4.1.3 Prepare an audit scoping email template

    Use the Software Audit Scoping Email Template to create an email directed at your external (or internal) auditors. Send the audit scoping email several weeks before an audit to determine the audit’s scope and objectives. The email should include:

    • Detailed questions about audit scope and objectives.
    • Critical background information on your organization/program.

    The email will help focus your preparation efforts and initiate your relationship with the auditors.

    Control scope by addressing the following:

    • Products covered by a properly executed agreement
    • Geographic regions
    • User groups
    • Time periods
    • Specific locations
    • A subset of users’ computers
    Sample of the 'Software Audit Scoping Email Template'.

    Keep leadership informed with an audit launch email

    Supporting Tool icon 4.1.4 Prepare an audit launch email template

    Approximately a week before the audit, you should email the internal leadership to communicate information about the start of the audit. Use the Software Audit Launch Email Template to create this email, including:

    • Staffing
    • Functional requirements
    • Audit contact person information
    • Scheduling details
    • Audit report estimated delivery time

    For more guidance on preparing for a software audit, see Info-Tech’s blueprint: Prepare and Defend Against a Software Audit.

    Sample of the 'Software Audit Launch Email Template'.

    A large bank employed proactive, internal audits to experience big savings

    Case Study

    Industry: Banking
    Source: Pomeroy

    Challenge

    A large American financial institution with 1,300 banking centers in 12 states, 28,000 end users, and 108,000 assets needed to improve its asset management program.

    The bank had employed numerous ITAM tools, but IT staff identified that its asset data was still fragmented. There was still incomplete insight into what assets the banked owned, the precise value of those assets, their location, and what they’re being used for.

    The bank decided to establish an asset management program that involved internal audits to gather more-complete data sets.

    Solution

    With the help of a vendor, the bank implemented cradle-to-grave asset tracking and lifecycle management, which provided discovery of almost $80 million in assets.

    The bank also assembled an ITAM team and a dedicated ITAM manager to ensure that routine internal audits were performed.

    The team was instrumental in establishing standardization of IT policies, hardware configuration, and service requirements.

    Results

    • The bank identified and now tracks over 108,000 assets.
    • The previous level of 80% accuracy in inventory tracking was raised to 96%.
    • Nearly $500,000 was saved through asset recovery and repurposing of 600 idle assets.
    • There are hundreds of thousands of dollars in estimated savings as the result of avoiding costly penalties from failed audits thanks to proactive internal audits.

    Step 4.2 Build communication plan and roadmap

    Phase 4:
    Build supporting processes & tools
    This step will walk you through the following activities:This step involves the following participants:

    4.1

    Compliance & audits
    • 4.2.1 Develop a communication plan to convey the right messages
    • 4.2.2 Anticipate end-user questions by preparing an FAQ list
    • 4.2.3 Build a software asset management policy
    • 4.2.4 Build additional SAM policies
    • 4.2.5 Develop a SAM roadmap to plan your implementation
    • IT Director, CIO
    • IT Managers and SAM Manager
    • SAM Team

    4.2

    Communicate & build roadmap

    Step Outcomes

    • A documented communications plan for relevant stakeholders to understand the benefits and changes the SAM program will bring
    • A list of anticipated end-user questions with responses
    • Documented software asset management policies
    • An implementation roadmap

    Communicate SAM processes to gain acceptance and support

    Communication is crucial to the integration and overall implementation of your SAM program. If staff and users do not understand the purpose of processes and policies, they will fail to provide the desired value.

    An effective communication plan will:

    • Gain support from management at the project proposal phase.
    • Create end-user buy-in once the program is set to launch.
    • Maintain the presence of the program throughout the business.
    • Instill ownership throughout the business from top-level management to new hires.

    Communicate the following:

    1. Advertise successes

      • Regularly demonstrate the value of the SAM program with descriptive statistics focused on key financial benefits.
      • Share data with the appropriate personnel; promote success to obtain further support from senior management.
    2. Report and share asset data

      • Sharing detailed asset-related reports frequently gives decision makers useful data to aid in their strategy.
      • These reports can help your organization prepare for audits, adjust budgeting, and detect unauthorized software.
    3. Communicate the value of SAM

      • Educate management and end users about how they fit into the bigger picture.
      • Individuals need to know which behaviors may put the organization at risk or adversely affect data quality.

    Educate staff and end users through SAM training to increase program success

    As part of your communication plan and overall SAM implementation, training should be provided to both staff and end users within the organization.

    • ITAM solutions are complex by nature with both business process and technical knowledge required to use them correctly.
    • All facets of the business, from management to new hires, should be provided with training to help them understand their role in the program’s success.
    • Keep the message appropriate to the audience – end users don’t need to know the complete process, but will need to know policy and how to request.
    • Even after the SAM program has been fully implemented, keep employees up to date with policies and processes through ongoing training sessions for both new hires and existing employees:
      • New hires: Provide new hires with all relevant SAM policies and ensure they understand the importance of software asset management.
      • Existing employees: Continually remind them of how SAM is involved in their daily operations and inform them of any changes to policies.

    Create your communications plan to anticipate challenges, remove obstacles, and ensure buy-in

    Provide separate communications to key stakeholder groups

    Why:
    • What problems are you trying to solve?
    What:
    • What processes will it affect (that will affect me)?
    Who:
    • Who will be affected?
    • Who do I go to if I have issues with the new process?
    Three circular arrows each linking t the next in a downward daisy chain. The type arrow has 'IT Staff' in the middle, the second 'Management', and the third 'End Users' When:
    • When will this be happening?
    • When will it affect me?
    How:
    • How will these changes manifest themselves?
    Goal:
    • What is the final goal?
    • How will it benefit me?

    Develop a communication plan to convey the right messages

    Associated Activity icon 4.2.1 Develop a communication plan to convey the right messages

    Participants: CIO, IT Director, Asset Manager, Service Desk Manager

    Document: Document in the SAM Communication Plan.

    1. Identify the groups that will be affected by the SAM program.
    2. For each group requiring a communication plan, identify the following:
    3. Benefits of SAM for that group of individuals (e.g. more efficient software requests).
    4. The impact the change will have on them (e.g. change in the way a certain process will work).
    5. Communication method (i.e. how you will communicate).
    6. Timeframe (i.e. when and how often you will communicate the changes).
    7. Complete this information in a table like the one below and document in the Communication Plan.
    Group Benefits Impact Method Timeline
    Executives
    • Improved audit compliance
    • Improved budgeting and forecasting
    • Review and sign off on policies
    End Users
    • Streamlined software request process
    • Follow software installation and security policies
    IT
    • Faster access to data and one source of truth
    • Modified processes
    • Ensure audits are completed regularly

    Anticipate end-user questions by preparing an FAQ list

    Associated Activity icon 4.2.2 Prepare an FAQ list

    Document: Document FAQ questions and answers in the SAM FAQ Template.

    ITAM imposes changes to end users throughout the business and it’s normal to expect questions about the new program. Prepare your team ahead of time by creating a list of FAQs.

    Some common questions include:

    • Why are you changing from the old processes?
    • Why now?
    • What are you going to ask me to do differently?
    • Will I lose any of my software?

    The benefits of preparing a list of answers to FAQs include:

    • A reduction in time spent creating answers to questions. If you focus on the most common questions, you will make efficient use of your team’s time.
    • Consistency in your team’s responses. By socializing the answers to FAQs, you ensure that no one on your team is out of the loop and the message remains consistent across the board.

    Include policy design and enforcement in your communication plan

    • Software asset management policies should define the actions to be taken to support software asset management processes and ensure the effective and efficient management of IT software assets across the asset lifecycle.
    • Implementing asset management policies enforces the notion that the organization takes its IT assets and the management of them seriously and will help ensure the benefits of SAM are achieved.
    • Designing, approving, documenting, and adopting one set of standard SAM policies for each department to follow will ensure the processes are enforced equally across the organization.

    Info-Tech Insight

    Use policy templates to jumpstart your policy development and ensure policies are comprehensive, but be sure to modify and adapt policies to suit your corporate culture or they will not gain buy-in from employees. For a policy to be successful, it must be a living document and have participation and involvement from the committees and departments to whom it will pertain.

    Build a software asset management policy

    Supporting Tool icon 4.2.3 Document a SAM policy

    Use Info-Tech’s Software Asset Management Policy template to define and document the purpose, scope, objectives, and roles and responsibilities for your organization's software asset management program.

    The template allows you to customize policy requirements for:

    • Procurement
    • Installation and Removal
    • Maintenance
    • Mergers and Acquisitions
    • Company Divestitures
    • Audits

    …as well as consequences for non-compliance.

    Sample of the 'Software Asset Management Policy' template.

    Use Info-Tech’s policy templates to build additional policies

    Supporting Tool icon 4.2.4 Build additional SAM policies

    Asset Security Policy
    The IT asset security policy will describe your organization's approach to ensuring the physical and digital security of your IT assets throughout their entire lifecycle.

    End-User Devices Acceptable Use Policy
    This policy should describe how business tools provided to employees are to be used in a responsible, ethical, and compliant manner, as well as the consequences of non-compliance.

    Purchasing Policy
    The purchasing policy helps to establish company standards, guidelines, and procedures for the purchase of all information technology hardware, software, and computer-related components as well as the purchase of all technical services.

    Release Management Policy
    Use this policy template to define and document the purpose, scope, objectives, and roles and responsibilities for your organization's release management program.

    Internet Acceptable Use Policy
    Use this template to help keep the internet use policy up to date. This policy template includes descriptions of acceptable and unacceptable use, security provisions, and disclaimers on the right of the organization to monitor usage and liability.

    Samples of additional SAM policies, listed to the left.

    Implement SAM in a phased, constructive approach

    One of the most difficult decisions to make when implementing a SAM program is: “where do we start?”

    It’s not necessary to deploy a comprehensive SAM program to start. Build on the essentials to become more mature as you grow.

    SAM Program Maturity (highest to lowest)

    • Audits and reporting
      Gather and analyze data about software assets to ensure compliance for audits and to continually improve the business.
    • Contracts and budget
      Analyze contracts and licenses for software across the enterprise and optimize planning to enable cost reduction.
    • Lifecycle standardization
      Define standards and processes for all asset lifecycle phases from request and procurement through to retirement and redistribution.
    • Inventory and tracking
      Define assets you will procure, distribute, and track. Know what you have, where it is deployed, and keep track of contracts and all relevant data.

    Integrate your SAM program with the organization to assist its implementation

    SAM cannot perform on its own – it must be integrated with other functional areas of the organization to maintain its stability and support.

    • Effective SAM is supported by a comprehensive set of processes as part of its implementation.
    • For example, integration with the procurement team’s processes and tools is required to track software purchases to mitigate software license compliance risk.
    • Integration with Finance is required to support internal cost allocations and chargebacks.
    • Integration with the service desk is required to track and deploy software requests.

    Info-Tech Best Practice

    To integrate SAM effectively, a clear implementation roadmap needs to be designed. Prioritize “quick wins” to demonstrate success to the business early and to gain buy-in from your team. Short-term gains should be designed to support long-term goals of your SAM program.

    Sample short-term goals
    • Identify inventory classification and tool
    • Create basic SAM policies and processes
    • Implement SAM auto-discovery tools
    Sample long-term goals
    • Software contract data integration
    • Continual improvement through review and revision
    • Software compliance reports, internal audits

    Develop a SAM roadmap to plan your implementation

    Associated Activity icon 4.2.5 Build a project roadmap
    1. Identify and review all initiatives that will be taken to implement or improve the software asset management program. These may fall under people, process, or technology-related tasks.
    2. Assign a priority level to each task (Quick Win, Low, Medium, High).
    3. Use the priority to sort tasks into start dates, breaking down by:
      1. Short, medium, or long-term
      2. 1 month, 3 months, 6 months, 12+ months
      3. Q1, Q2, Q3, Q4
    4. Review tasks and adjust start dates for some, if needed to set realistic and achievable timelines.
    5. Transfer tasks to a project plan or Gantt chart to formalize.
    Examples:
    Q1 Q2 Q3 Q4
    • Hire software asset manager
    • Document SOP
    • Define policies
    • Select a SAM tool
    • Create list of approved services and software
    • Define metrics
    • Inventory existing software and contracts
    • Build a patch policy
    • Build a service catalog
    • Contract renewal alignment
    • Run internal audit
    • Security review

    Review and maintain the SAM program to reach optimal maturity

    • SAM is a dynamic process. It must adapt to keep pace with the direction of the organization. New applications, different licensing needs, and a constant stream of new end users all contribute to complicating the licensing process.
    • As part of your organization’s journey to an optimized SAM program, put in place continual improvement practices to maintain momentum.

    A suggested cycle of review and maintenance for your SAM: 'Plan', 'Do', 'Check', 'Act'.

    Info-Tech Insight

    Advertising the increased revenue that is gained from good SAM practices is a powerful way to gain project buy-in.

    Keep the momentum going:

    • Clearly define ongoing responsibilities for each role.
    • Develop a training and awareness program for new employees to be introduced to SAM processes and policies.
    • Continually review and revise existing processes as necessary.
    • Measure the success of the program to identify areas for improvement and demonstrate successes.
    • Measure adherence to process and policies and enforce as needed.

    Reflect on the outcomes of implementing SAM to target areas for improvement and share knowledge gained within and beyond the SAM team. Some questions to consider include:

    1. How did the data compare to our expectations? Was the project a success?
    2. What obstacles were present that impacted the project?
    3. How can we apply lessons learned through this project to others in the future?

    If you want additional support, have our analysts guide you through this phase as part of an Info-Tech Workshop Associated Activity icon

    Book a workshop with our Info-Tech analysts:

    Photo of an Info-Tech analyst.
    • To accelerate this project, engage your IT team in an Info-Tech workshop with an Info-Tech analyst team.
    • Info-Tech analyst will join you and your team onsite at your location or welcome you to Info-Tech's historic Toronto office to participate in an innovative onsite workshop.
    • Contact your account manager (www.infotech.com/account), or email Workshops@InfoTech.com for more information.

    The following are sample activities that will be conducted by Info-Tech analysts with your team:

    4.2.1

    Sample of activity 4.2.1 'Develop a communication plan to convey the right messages'. Develop a communication plan to convey the right messages

    Identify stakeholders requiring communication and formulate a message and delivery method for each.

    4.2.5

    Sample of activity 4.2.5 'Develop a SAM roadmap to plan your implementation'. Develop a SAM roadmap to plan your implementation

    Outline the tasks necessary for the implementation of this project and prioritize to build a project roadmap.

    Phase 4 outline

    Associated Activity icon Call 1-888-670-8889 or email GuidedImplementations@InfoTech.com for more information.

    Complete these steps on your own, or call us to complete a guided implementation. A guided implementation is a series of 2-3 advisory calls that help you execute each phase of a project. They are included in most advisory memberships.

    Guided Implementation 4: Build supporting processes & tools

    Proposed Time to Completion (in weeks): 4
    Step 4.1: Compliance & audits Step 4.2: Communicate & build roadmap
    Start with an analyst kick-off call:
    • Discuss audit process
    • Define a process for internal audits
    • Define a process for external audit response
    Review findings with analyst:
    • Build communication plan
    • Discuss policy needs
    • Build a roadmap
    Then complete these activities…
    • Document internal audit process
    • Document external audit process
    • Prepare audit templates
    Then complete these activities…
    • Develop communication plan
    • Prepare an FAQ list for end users
    • Build SAM policies
    • Develop a roadmap
    With these tools & templates:
    • Standard Operating Procedures
    • Software Audit Scoping Email Template
    • Software Audit Launch Email Template
    With these tools & templates:
    • SAM Communication Plan
    • Software Asset Management FAQ Template
    • Software Asset Management Policy
    • Additional Policy Templates

    Bibliography

    2013 Software Audit Industry Report.” Express Metrix, 2013. Web.

    7 Vital Trends Disrupting Today’s Workplace: Results and Data from 2013 TINYpulse Employee Engagement Survey.” TINYpulse, 2013. Web.

    Beaupoil, Christof. “How to measure data quality and protect against software audits.” Network World, 6 June 2011.

    Begg, Daniel. “Effective Licence Position (ELP) – What is it really worth?” LinkedIn, 19 January 2016.

    Boehler, Bernhard. “Advanced License Optimization: Go Beyond Compliance for Maximum Cost Savings.” The ITAM Review, 24 November 2014.

    Bruce, Warren. “SAM Baseline – process & best practice.” Microsoft. 2013 Australia Partner Conference.

    Case Study Top 20 U.S. Bank Tackles Asset Management.” Pomeroy, 2012. Web.

    Cherwell Software Software Audit Industry Report.” Cherwell Software, 2015. Web.

    Conrad, Sandi. “SAM starter kit: everything you need to get started with software asset management. Conrad & Associates, 2010.

    Corstens, Jan, and Diederik Van der Sijpe. “Contract risk & compliance software asset management (SAM).” Deloitte, 2012.

    Deas, A., T. Markowitzm and E. Black. “Software asset management: high risk, high reward.” Deloitte, 2014.

    Doig, Chris. “Why you should always estimate ROI before buying enterprise software” CIO, 13 August 2015.

    Fried, Chuck. “America Needs An Education On Software Asset Management (SAM).” LinkedIn. 16 June 2015.

    Lyons, Gwen. “Understanding the Drivers Behind Application Rationalization Critical to Success.” Flexera Software Blog, 31 October 2012.

    Bibliography

    Metrics to Measure SAM Success: eight ways to prove your SAM program is delivering business benefits.” Snow Software White Paper, 2015.

    Microsoft. “The SAM Optimization Model.” Microsoft Corporation White Paper, 2010.

    Miller, D. and M. Oliver. “Engaging Stakeholders for Project Success.” Project Management Institute White Paper, 2015.

    Morrison, Dan. “5 Common Misconceptions of Software Asset Management.” SoftwareOne. 12 May 2015.

    O’Neill, Leslie T. “Visa Case Study: SAM in the 21st Century.” International Business Software Managers Association (IBSMA), 30 July 2014.

    Reducing Hidden Operating Costs Through IT Asset Discovery.” NetSupport Inc., 2011.

    SAM Summit 2014, 23-25 June 2014, University of Chicago Gleacher Center Conference Facilities, Chicago, MI.

    Saxby, Heather. “20 Things Every CIO Needs to Know about Software Asset Management.” Crayon Software Experts, 13 May 2015.

    The 2016 State of IT: Managing the money monsters for the coming year.” Spiceworks, 2016.

    The Hidden Cost of Unused Software.” A 1E Report, 1E.com: 2014. Web.

    What does it take to achieve software license optimization?” Flexera White Paper, 2013.

    Research contributors and experts

    Photo of Michael Dean, Director, User Support Services, Des Moines University Michael Dean
    Director, User Support Services
    Des Moines University
    Simon Leuty
    Co-Founder
    Livingstone Tech
    Photo of Simon Leuty, Co-Founder, Livingstone Tech
    Photo of Clare Walsh, PR Consultant, Adesso Tech Ltd. Clare Walsh
    PR Consultant
    Adesso Tech Ltd.
    Alex Monaghan
    Director, Presales EMEA
    Product Support Solutions
    Photo of Alex Monaghan, Director, Presales EMEA, Product Support Solutions

    Research contributors and experts

    Photo of Ben Brand, SAM Practice Manager, Insight Ben Brand
    SAM Practice Manager
    Insight
    Michael Swanson
    President
    ISAM
    Photo of Michael Swanson, President, ISAM
    Photo of Bruce Aboudara, SVP, Marketing & Business Development, Scalable Software Bruce Aboudara
    SVP, Marketing & Business Development
    Scalable Software
    Will Degener
    Senior Solutions Consultant
    Scalable Software
    Photo of Will Degener, Senior Solutions Consultant, Scalable Software

    Research contributors and experts

    Photo of Peter Gregorowicz, Associate Director, Network & Client Services, Vancouver Community College Peter Gregorowicz
    Associate Director, Network & Client Services
    Vancouver Community College
    Peter Schnitzler
    Operations Team Lead
    Toyota Canada
    Photo of Peter Schnitzler, Operations Team Lead, Toyota Canada
    Photo of David Maughan, Head of Service Transition, Mott MacDonald Ltd. David Maughan
    Head of Service Transition
    Mott MacDonald Ltd.
    Brian Bernard
    Infrastructure & Operations Manager
    Lee County Clerk of Court
    Photo of Brian Bernard, Infrastructure & Operations Manager, Lee County Clerk of Court

    Research contributors and experts

    Photo of Leticia Sobrado, IT Data Governance & Compliance Manager, Intercept Pharmaceuticals Leticia Sobrado
    IT Data Governance & Compliance Manager
    Intercept Pharmaceuticals

    Build an Application Rationalization Framework

    • Buy Link or Shortcode: {j2store}173|cart{/j2store}
    • member rating overall impact (scale of 10): 9.2/10 Overall Impact
    • member rating average dollars saved: $39,942 Average $ Saved
    • member rating average days saved: 23 Average Days Saved
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • Almost two-thirds of organizations report that they have too many or far too many applications due to sprawl from poorly managed portfolios, and application managers are spending too much time supporting non-critical applications and not enough time on their most vital ones.
    • The necessary pieces of rationalization are rarely in one place. You need to assemble the resources to collect vital rationalization criteria.
    • There is a lack of standard practices to define the business value that the applications in a portfolio provide, and without value rationalization, decisions are misaligned to business needs.

    Our Advice

    Critical Insight

    There is no “one size fits all.” Applying a rigid approach to rationalization with inflexible inputs can delay or prevent you from realizing value. Play to your strengths and build a framework that aligns to your goals and limitations.

    Impact and Result

    • Define the roles, responsibilities, and outputs for application rationalization within your application portfolio management practice.
    • Build a tailored application rationalization framework (ARF) aligned with your motivations, goals, and limitations.
    • Apply the various application assessments to produce the information that your dispositions will be based on.
    • Initiate an application portfolio roadmap that will showcase your rationalization decisions to key stakeholders.

    Build an Application Rationalization Framework Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should rationalize your applications and why you need a framework that is specific to your goals and limitations, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Lay your foundations

    Define the motivations, goals, and scope of your rationalization effort. Build the action plan and engagement tactics to roll out the rationalization activities.

    • Build an Application Rationalization Framework – Phase 1: Lay Your Foundations
    • Application Rationalization Tool

    2. Plan your application rationalization framework

    Understand the core assessments performed in application rationalizations. Define your application rationalization framework and degree of rigor in applying these assessments based on your goals and limitations.

    • Build an Application Rationalization Framework – Phase 2: Plan Your Application Rationalization Framework

    3. Test and adapt your application rationalization framework

    Test your application rationalization framework using Info-Tech’s tool set on your first iteration. Perform a retrospective and adapt your framework based on that experience and outcomes.

    • Build an Application Rationalization Framework – Phase 3: Test and Adapt Your Application Rationalization Framework
    • Application TCO Calculator
    • Value Calculator

    4. Initiate your roadmap

    Review, determine, and prioritize your dispositions to ensure they align to your goals. Initiate an application portfolio roadmap to showcase your rationalization decisions to key stakeholders.

    • Build an Application Rationalization Framework – Phase 4: Initiate Your Roadmap
    • Disposition Prioritization Tool
    [infographic]

    Workshop: Build an Application Rationalization Framework

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Lay Your Foundations

    The Purpose

    Define the goals, scope, roles, and responsibilities of your rationalization effort.

    Key Benefits Achieved

    Defined motivations, long and short-term goals, and metrics for your rationalization effort.

    Definition of application.

    Defined roles and responsibilities for your rationalization effort.

    Activities

    1.1 Define motivations and goals for rationalization.

    1.2 Define “application.”

    1.3 Identify team and responsivities.

    1.4 Adapt target dispositions.

    1.5 Initiate Application Rationalization Framework (ARF).

    Outputs

    Goals, motivations, and metrics for rationalizations

    Definition of “Application”

    Defined dispositions

    Defined core APM team and handoffs

    2 Assess Business Value

    The Purpose

    Review and adapt Info-Tech’s methodology and toolset.

    Assess business value of applications.

    Key Benefits Achieved

    Tailored application rationalization framework

    Defined business value drivers

    Business value scores for applications

    Activities

    2.1 Review Application Rationalization Tool.

    2.2 Review focused apps, capabilities, and areas of functionality overlap.

    2.3 Define business value drivers.

    2.4 Determine the value score of focused apps.

    Outputs

    Application Rationalization Tool

    List of functional overlaps

    Weighed business value drivers

    Value scores for focused application

    Value Calculator

    3 Gather Application Information

    The Purpose

    Continue to review and adapt Info-Tech’s methodology and toolset.

    Key Benefits Achieved

    Tailored application rationalization framework

    TCO values for applications

    Technical health review of applications

    Recommended dispositions for applications

    Activities

    3.1 Determine TCO for focused apps.

    3.2 Determine technical health of focused apps.

    3.3 Review APA.

    3.4 Review recommended dispositions.

    3.5 Perform retrospective of assessments and adapt ARF.

    Outputs

    TCO of focused applications

    TCO Calculator

    Technical health of focused apps

    Defined rationalization criteria

    Recommended disposition for focused apps

    4 Gather, Assess, and Select Dispositions

    The Purpose

    Review and perform high-level prioritization of dispositions.

    Build a roadmap for dispositions.

    Determine ongoing rationalization and application portfolio management activities.

    Key Benefits Achieved

    Application Portfolio Roadmap

    Prioritized Dispositions

    Activities

    4.1 Determine dispositions.

    4.2 Prioritize dispositions.

    4.3 Initiate portfolio roadmap.

    4.4 Build an action plan for next iterations and ongoing activities.

    4.5 Finalize ARF.

    Outputs

    Disposition Prioritization Tool

    Application portfolio roadmap

    Action plan for next iterations and ongoing activities

    Further reading

    Build an Application Rationalization Framework

    Manage your application portfolio to minimize risk and maximize value.

    Analyst Perspective

    "You're not rationalizing for the sake of IT, you’re rationalizing your apps to create better outcomes for the business and your customers. Consider what’s in it for delivery, operations, the business, and the customer." – Cole Cioran, Senior Director – Research, Application Delivery and Management

    Our understanding of the problem

    This Research Is Designed For:

    • Application portfolio managers, application portfolio management (APM) teams, or any application leaders who are tasked with making application portfolio decisions.
    • Application leaders looking to align their portfolios to the organization’s strategy.
    • Application leaders who need a process for rationalizing their applications.

    This Research Will Help You:

    • Measure the business value of your applications.
    • Rationalize your portfolio to determine the best disposition for each application.
    • Initiate a roadmap that will showcase the future of your applications.

    This Research Will Also Assist:

    • CIOs and other business leaders who need to understand the applications in their portfolio, the value they contribute to the business, and their strategic direction over a given timeline.
    • Steering committees and/or the PMO that needs to understand the process by which application dispositions are generated.

    This Research Will Help Them:

    • Build their reputation as an IT leader who drives the business forward.
    • Define the organization’s value statement in the context of IT and their applications.
    • Visualize the roadmap to the organization’s target application landscape.

    Executive Summary

    Situation

    • Almost two-thirds of organizations report that they have too many or far too many applications due to sprawl from poorly managed portfolios (Flexera, 2015).
    • Application managers are spending too much time supporting non-critical applications and not enough time on their most vital ones.
    • Application managers need their portfolios to be current and effective and evolve continuously to support the business or risk being marginalized.

    Complication

    • The necessary pieces of rationalization are rarely in one place. You need to assemble the resources to collect vital rationalization criteria.
    • There is a lack of standard practices to define the business value that the applications in a portfolio provide and, without value rationalization, decisions are misaligned to business needs.

    Resolution

    • Define the roles, responsibilities, and outputs for application rationalization within your application portfolio management (APM) and other related practices.
    • Build a tailored application rationalization framework (ARF) aligned with your motivations, goals, and limitations.
    • Apply the various application assessments to produce the information, which your dispositions will be based on, and adapt your ARF based on the experiences of your first iteration.
    • Review, determine, and prioritize your application dispositions to create a portfolio strategy aligned to your goals.
    • Initiate an application portfolio roadmap, which will showcase your rationalization decisions to key stakeholders.

    Info-Tech Insight

    There is no one size fits all.

    Applying a rigid approach with inflexible inputs can delay or prevent you from realizing value. Play to your strengths and build a framework that aligns to your goals and limitations.

    Business value must drive your decisions.

    Of the 11 vendor capabilities asked about by Info-Tech’s SoftwareReviews, “business value created” has the second highest relationship with overall software satisfaction.

    Take an iterative approach.

    Larger approaches take longer and are more likely to fail. Identify the applications that best address your strategic objectives, then: rationalize, learn, repeat.

    Info-Tech recommends a disciplined, step-by-step approach as outlined in our Application Portfolio Strategy Program

    Step 1 "No Knowledge": Define application capabilities and visualize lifecycle stages

    Application Discovery

    1. Build in Application Portfolio Management Principles.
    2. Conduct Application Alignment.
    3. Build Detailed Application Inventory

    Step 2 "No Strategy": Rationalize application portfolio and visualize strategic directions

    Application Rationalization

    1. Set Your Rationalization Framework
    2. Conduct Assessment & Assign Dispositions
    3. Create an Application Portfolio Roadmap

    Step 3 "No Plan": Build a product roadmap and visualize the detailed plan

    Detailed Disposition Planning

    1. Conduct an Impact Assessment
    2. Determine the Details of the Disposition
    3. Create Detailed Product Roadmaps

    This blueprint focuses on step 2 of Info-Tech's Application Portfolio Strategy Program. Our methodology assumes you have completed the following activities, which are outlined in Discover Your Applications.

    • Collected your full application inventory (including Shadow IT)
    • Aligned applications to business capabilities
    • Determined redundant applications
    • Identified appropriate subject matter experts (business and technical) for your applications

    Info-Tech's four-phase methodology

    Phase 1

    Lay Your Foundations

    • Define Motivations, Goals, and Scope
    • Iteration and Engagement Planning

    This phase is intended to establish the fundamentals in launching either a rationalization initiative or ongoing practice.

    Here we define goals, scope, and the involvement of various roles from both IT and the business.

    Phase 2

    Plan Your ARF

    • Establish Rationalization Inputs and Current Gaps

    This phase is intended to review a high-level approach to rationalization and determine which analyses are necessary and their appropriate level of depth.

    Here we produce an initial ARF and discuss any gaps in terms of the availability of necessary data points and additional collection methods that will need to be applied.

    Phase 3

    Test and Adapt Your ARF

    • Perform First Iteration Analysis
    • First Iteration Retrospective and Adaptation

    This phase is intended to put the ARF into action and adapt as necessary to ensure success in your organization.

    If appropriate, here we apply Info-Tech’s ARF and toolset and test it against a set of applications to determine how best to adapt these materials for your needs.

    Phase 4

    Initiate Your Roadmap

    • Prioritize and Roadmap Applications
    • Ongoing Rationalization and Roadmapping

    This phase is intended to capture results of rationalization and solidify your rationalization initiative or ongoing practice.

    Here we aim to inject your dispositions into an application portfolio roadmap and ensure ongoing governance of APM activities.

    There is an inconsistent understanding and ownership of the application portfolio

    What can I discover about my portfolio?

    Application portfolios are misunderstood.

    Portfolios are viewed as only supportive in nature. There is no strategy or process to evaluate application portfolios effectively. As a result, organizations build a roadmap with a lack of understanding of their portfolio.

    72% of organizations do not have an excellent understanding of the application portfolio (Capgemini).

    How can I improve my portfolio?

    Misalignment between Applications and Business Operations

    Applications fail to meet their intended function, resulting in duplication, a waste of resources, and a decrease in ROI. This makes it harder for IT to justify to the business the reasons to complete a roadmap.

    48% of organizations believe that there are more applications than the business requires (Capgemini).

    How can my portfolio help transform the business?

    IT's budget is to keep the lights on.

    The application portfolio is complex and pervasive and requires constant support from IT. This makes it increasingly difficult for IT to adopt or develop new strategies since its immediate goal will always be to fix what already exists. This causes large delays and breaks in the timeline to complete a roadmap.

    68% of IT directors have wasted time and money because they did not have better visibility of application roadmaps (ComputerWeekly).

    Roadmaps can be the solution, but stall when they lack the information needed for good decision making

    An application portfolio roadmap provides a visual representation of your application portfolio, is used to plan out the portfolio’s strategy over a given time frame, and assists management in key decisions. But…

    • You can’t change an app without knowing its backend.
    • You can't rationalize what you don't know.
    • You can’t confirm redundancies without knowing every app.
    • You can’t rationalize without the business perspective.

    A roadmap is meaningless if you haven’t done any analysis to understand the multiple perspectives on your applications.

    Application rationalization ensures roadmaps reflect what the business actually wants and needs

    Application rationalization is the practice of strategically identifying business applications across an organization to determine which applications should be kept, replaced, retired, or consolidated (TechTarget).

    Discover, Improve, and Transform Through Application Rationalization

    Your application rationalization effort increases the maturity of your roadmap efforts by increasing value to the business. Go beyond the discover phase – leverage application rationalization insights to reach the improve and transform phases.

    Strong Apps Are Key to Business Satisfaction

    79% of organizations with high application suite satisfaction believe that IT offers the organization a competitive edge over others in the industry. (Info-Tech Research Group, N=230)

    Info-Tech Insight

    Companies with an effective portfolio are twice as likely to report high-quality applications, four times as likely to report high proficiency in legacy apps management, and six times as likely to report strong business alignment.

    Rationalization comes at a justified cost

    Rationalization can reduce costs and drive innovation

    Projecting the ROI of application rationalization is difficult and dangerous when used as the only marker for success.

    However, rationalization, when done effectively, will help drop operational or maintenance costs of your applications as well as provide many more opportunities to add value to the business.

    A graph with Time on the X-axis and Cost on the Y axis. The graph compares cost before rationalization, where the cost of the existing portfolio is high, with cost after rationalization, where the cost of the existing portfolio is reduced. The graph demonstrates a decrease in overall portfolio spend after rationalization

    Organizations lack a strategic approach to application rationalization, leading to failure

    IT leaders strive to push the business forward but are stuck in a cycle of reaction where they manage short-term needs rather than strategic approaches.

    Why Is This the Case?

    Lack of Relevant Information

    Rationalization fails without appropriately detailed, accurate, and up-to-date information. You need to identify what information is available and assemble the teams to collect and analyze it.

    Failure to Align With Business Objectives

    Rationalization fails when you lack a clear list of strategic and collaborative priorities; priorities need to be both IT and non-IT related to align with the business objectives and provide value.

    IT Leaders Fails to Justify Projects

    Adhering to a rigid rationalization process can be complex and costly. Play to your strengths and build an ARF based on your goals and limitations.

    Info-Tech Insight

    Misaligned portfolio roadmaps are known to lead teams and projects into failure!
    Building an up-to-date portfolio roadmap that aligns business objectives to IT objectives will increase approval and help the business see the long-term value of roadmapping.

    Don’t start in the middle; ensure you have the basics down

    Application portfolio strategy practice maturity stages

    1. Discover Your Applications
    2. Improve
    3. Transform
    A graph with Rigor of APM Practice on the X-axis and Value to the Business on the Y-axis. The content of the graph is split into the 3 maturity stages, Discover, Improve, and Transform. With each step, the Value to the Business and Rigor of APM Practice increase.

    Disambiguate your systems and clarify your scope

    Define the items that make up your portfolio.

    Broad or unclear definitions of “application” can complicate the scope of rationalization. Take the time to define an application and come to a common understanding of the systems which will be the focus of your rationalization effort.

    Bundling systems under common banner or taking a product view of your applications and components can be an effective way to ensure you include your full collection of systems, without having to perform too many individual assessments.

    Scope

    Single... Capability enabled by... Whole...
    Digital Product + Service Digital Platform Platform Portfolio Customer Facing
    Product (one or more apps) Product Family Product Portfolio

    Application Application Architecture Application Portfolio Internal

    A graphic listing the following products: UI, Applications, Middleware, Data, and Infrastructure. A banner reading APIs runs through all products, and UI, Applications, and Middleware are bracketed off as Application

    Info-Tech’s framework can be applied to portfolios of apps, products, and their related capabilities or services.

    However you organize your tech stack, Info-Tech’s application rationalization framework can be applied.

    Understand the multiple lenses of application rationalization and include in your framework

    There are many lenses to view your applications. Rationalize your applications using all perspectives to assess your portfolio and determine the most beneficial course of action.

    Application Alignment - Architect Perspective

    How well does the entire portfolio align to your business capabilities?

    Are there overlaps or redundancies in your application features?

    Covered in Discover Your Applications.

    Business Value - CEO Perspective

    Is the application producing sufficient business value?

    Does it impact profitability, enable capabilities, or add any critical factor that fulfills the mission and vision?

    TCO - CIO Perspective

    What is the overall cost of the application?

    What is the projected cost as your organization grows? What is the cost to maintain the application?

    End User

    How does the end user perceive the application?

    What is the user experience?

    Do the features adequately support the intended functions?

    Is the application important or does it have high utilization?

    Technical Value - App Team Perspective

    What is the state of the backend of the application?

    Has the application maintained sufficient code quality? Is the application reliable? How does it fit into your application architecture?

    Each perspective requires its own analysis and is an area of criteria for rationalization.

    Apply the appropriate amount of rigor for your ARF based on your specific goals and limitations

    Ideally, the richer the data the better the results, but the reality is in-depth analysis is challenging and you’ll need to play to your strengths to be successful.

    Light-Weight Assessment

    App to capability alignment.

    Determine overlaps.

    Subjective 1-10 scale

    Subjective T-shirt size (high, med., low)

    End-user surveys

    Performance temperature check

    Thorough Analysis

    App to process alignment.

    Determine redundancies.

    Apply a value measurement framework.

    Projected TCO with traceability to ALM & financial records.

    Custom build interviews with multiple end users

    Tool and metric-based analysis

    There is no one-size-fits all rationalization. The primary goal of this blueprint is to help you determine the appropriate level of analysis given your motivations and goals for this effort as well as the limitations of resources, timeline, and accessible information.

    Rationalize and build your application portfolio strategy the right way to ensure success

    Big-Bang Approach

    • An attempt to assess the whole portfolio at once.
    • The result is information overload.
    • Information gathered is likely incomplete and/or inaccurate.
    • Tangible benefits are a long time away.

    Covert Approach

    • Information is collected behind the scenes and whenever information sources are available.
    • Assumptions about the business use of applications go unconfirmed.

    Corner-of-the-Desk Approach

    • No one is explicitly dedicated to building a strategy or APM practices.
    • Information is collected whenever the application team has time available.
    • Benefits are pushed out and value is lost.

    Iterative Approach

    • Carried out in phases, concentrating on individual business units or subsets of applications.
    • Priority areas are completed first.
    • The APM practice strengthens through experience.

    Sponsored Mandate Approach

    • The appropriate business stakeholders participate.
    • Rationalization is given project sponsors who champion the practice and communicate the benefits across the organization.

    Dedicated Approach

    • Rationalization and other APM activities are given a budget and formal agenda.
    • Roles and responsibilities are assigned to team members.

    Use Info-Tech’s Application Portfolio Assessment Diagnostic to add the end users’ perspective to your decision making

    Prior to Blueprint: Call 1-888-670-8889 to inquire about or request the Application Portfolio Assessment.

    Info-Tech Best Practice

    The approach in this blueprint has been designed in coordination with Info-Tech’s Application Portfolio Assessment (APA) Diagnostic. While it is not a prerequisite, your project will experience the best results and be completed much quicker by taking advantage of our diagnostic offering prior to initiating the activities in this blueprint.

    Use the program diagnostic to:

    • Assess the importance and satisfaction of enterprise applications.
    • Solicit feedback from your end users on applications being used.
    • Understand the strengths and weaknesses of your current applications.
    • Perform a high-level application rationalization initiative.

    Integrate diagnostic results to:

    • Target which applications to analyze in greater detail.
    • Expand on the initial application rationalization results with a more comprehensive and business-value-focused criteria.

    Use Info-Tech’s Application Rationalization Tool to determine and then visualize your application portfolio strategy

    At the center of this project is an Application Rationalization Tool that is used as a living document of your:

      1. Customizable Application Rationalization Framework

      2. Recommendation Dispositions

      3. Application Portfolio Roadmap (seen below)

    Use the step-by-step advice within this blueprint to rationalize your application portfolio and build a realistic and accurate application roadmap that drives business value.

    Central to our approach to application rationalization are industry-leading frameworks

    Info-Tech uses the APQC and COBIT5 frameworks for certain areas of this research. Contextualizing application rationalization within these frameworks clarifies its importance and role and ensures that our assessment tool is focused on key priority areas. The APQC and COBIT5 frameworks are used as a starting point for assessing application effectiveness within specific business capabilities of the different components of application rationalization.

    APQC is one of the world's leading proponents of business benchmarking, best practices, and knowledge management research.

    COBIT 5 is the leading framework for the governance and management of enterprise IT.

    In addition to industry-leading frameworks, our best-practice approach is enhanced by the insights and guidance from our analysts, industry experts, and our clients.

    Our peer network of over 33,000 happy clients proves the effectiveness of our research.

    Our team conducts 1,000+ hours of primary and secondary research to ensure that our approach is enhanced by best practices.

    A public utility organization is using Info-Tech’s approach for rationalization of its applications for reduced complexity

    Case Study

    Industry: Public Sector

    Source: Info-Tech Research Group

    Challenge

    • The public utility has a complex application portfolio, with a large number of applications custom-built that provide limited functionality to certain business groups.
    • The organization needed to move away from custom point solutions and adopt more hosted solutions to cater to larger audiences across business domains.
    • The organization required a comprehensive solution for the following:
      • Understanding how applications are being used by business users.
      • Unraveling the complexity of its application landscape using a formal rationalization process.

    Solution

    • The organization went through a rationalization process with Info-Tech in a four-day onsite engagement to determine the following:
      • Satisfaction level and quality evaluation of end users’ perception of application functionality.
      • Confirmation on what needs to be done with each application under assessment.
      • The level of impact the necessary changes required for a particular application would have on the greater app ecosystem.
      • Prioritization methodology for application roadmap implementation.

    Results

    • Info-Tech’s Application Portfolio Assessment Diagnostic report helped the public utility understand what applications users valued and found difficult to use.
    • The rationalization process gave insight into situations where functionality was duplicated across multiple applications and could be consolidated within one application.
    • The organization determined that its application portfolio was highly complex, and Info-Tech provided a good framework for more in-depth analysis.
    • The organization now has a rationalization process that it can take to other business domains.

    Application Development Quality

    • Buy Link or Shortcode: {j2store}26|cart{/j2store}
    • Related Products: {j2store}26|crosssells{/j2store}
    • member rating overall impact (scale of 10): 10.0/10
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Applications
    • Parent Category Link: /applications
    Apply quality assurance across your critical development process steps to secure quality to product delivery

    Build an IT Risk Taxonomy

    • Buy Link or Shortcode: {j2store}197|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: IT Governance, Risk & Compliance
    • Parent Category Link: /it-governance-risk-and-compliance
    • Business leaders, driven by the need to make more risk-informed decisions, are putting pressure on IT to provide more timely and consistent risk reporting.
    • IT risk managers need to balance the emerging threat landscape with not losing sight of the risks of today.
    • IT needs to strengthen IT controls and anticipate risks in an age of disruption.

    Our Advice

    Critical Insight

    A common understanding of risks, threats, and opportunities gives organizations the flexibility and agility to adapt to changing business conditions and drive corporate value.

    Impact and Result

    • Use this blueprint as a baseline to build a customized IT risk taxonomy suitable for your organization.
    • Learn about the role and drivers of integrated risk management and the benefits it brings to enterprise decision-makers.
    • Discover how to set up your organization up for success by understanding how risk management links to organizational strategy and corporate performance.

    Build an IT Risk Taxonomy Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build an IT Risk Taxonomy – Develop a common approach to managing risks to enable faster, more effective decision making.

    Learn how to develop an IT risk taxonomy that will remain relevant over time while providing the granularity and clarity needed to make more effective risk-based decisions.

    • Build an IT Risk Taxonomy – Phases 1-3

    2. Build an IT Risk Taxonomy Guideline and Template – A set of tools to customize and design an IT risk taxonomy suitable for your organization.

    Leverage these tools as a starting point to develop risk levels and definitions appropriate to your organization. Take a collaborative approach when developing your IT risk taxonomy to gain greater acceptance and understanding of accountability.

    • IT Risk Taxonomy Committee Charter Template
    • Build an IT Risk Taxonomy Guideline
    • Build an IT Risk Taxonomy Definitions
    • Build an IT Risk Taxonomy Design Template

    3. IT Risk Taxonomy Workbook – A place to complete activities and document decisions that may need to be communicated.

    Use this workbook to document outcomes of activities and brainstorming sessions.

    • Build an IT Risk Taxonomy Workbook

    4. IT Risk Register – An internal control tool used to manage IT risks. Risk levels archived in this tool are instrumental to achieving an integrated and holistic view of risks across an organization.

    Leverage this tool to document risk levels, risk events, and controls. Smaller organizations can leverage this tool for risk management while larger organizations may find this tool useful to structure and define risks prior to using a risk management software tool.

    • Risk Register Tool

    Infographic

    Workshop: Build an IT Risk Taxonomy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Review IT Risk Fundamentals and Governance

    The Purpose

    Review IT risk fundamentals and governance.

    Key Benefits Achieved

    Learn how enterprise risk management and IT risk management intersect and the role the IT taxonomy plays in integrated risk management.

    Activities

    1.1 Discuss risk fundamentals and the benefits of integrated risk.

    1.2 Create a cross-functional IT taxonomy working group.

    Outputs

    IT Risk Taxonomy Committee Charter Template

    Build an IT Risk Taxonomy Workbook

    2 Identify Level 1 Risk Types

    The Purpose

    Identify suitable IT level 1 risk types.

    Key Benefits Achieved

    Level 1 IT risk types are determined and have been tested against ERM level one risk types.

    Activities

    2.1 Discuss corporate strategy, business risks, macro trends, and organizational opportunities and constraints.

    2.2 Establish level 1 risk types.

    2.3 Test soundness of IT level 1 types by mapping to ERM level 1 types.

    Outputs

    Build an IT Risk Taxonomy Workbook

    3 Identify Level 2 and Level 3 Risk Types

    The Purpose

    Define level 2 and level 3 risk types.

    Key Benefits Achieved

    Level 2 and level 3 risk types have been determined.

    Activities

    3.1 Establish level 2 risk types.

    3.2 Establish level 3 risk types (and level 4 if appropriate for your organization).

    3.3 Begin to test by working backward from controls to ensure risk events will aggregate consistently.

    Outputs

    Build an IT Risk Taxonomy Design Template

    Risk Register Tool

    4 Monitor, Report, and Respond to IT Risk

    The Purpose

    Test the robustness of your IT risk taxonomy by populating the risk register with risk events and controls.

    Key Benefits Achieved

    Your IT risk taxonomy has been tested and your risk register has been updated.

    Activities

    4.1 Continue to test robustness of taxonomy and iterate if necessary.

    4.2 Optional activity: Draft your IT risk appetite statements.

    4.3 Discuss communication and continual improvement plan.

    Outputs

    Build an IT Risk Taxonomy Design Template

    Risk Register Tool

    Build an IT Risk Taxonomy Workbook

    Further reading

    Build an IT Risk Taxonomy

    If integrated risk is your destination, your IT risk taxonomy is the road to get you there.

    Analyst Perspective

    Donna Bales.

    The pace and uncertainty of the current business environment introduce new and emerging vulnerabilities that can disrupt an organization’s strategy on short notice.

    Having a long-term view of risk while navigating the short term requires discipline and a robust and strategic approach to risk management.

    Managing emerging risks such as climate risk, the impact of digital disruption on internal technology, and the greater use of third parties will require IT leaders to be more disciplined in how they manage and communicate material risks to the enterprise.

    Establishing a hierarchical common language of IT risks through a taxonomy will facilitate true aggregation and integration of risks, enabling more effective decision making. This holistic, disciplined approach to risk management helps to promote a more sustainable risk culture across the organization while adding greater rigor at the IT control level.

    Donna Bales
    Principal Research Director
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Common Obstacles

    Info-Tech’s Approach

    IT has several challenges when managing and responding to risk events:

    • Business leaders, driven by the need to make more risk-informed decisions, are putting pressure on IT to provide more timely and consistent risk reporting.
    • Navigating today’s ever-evolving threat landscape is complex. IT risk managers need to balance the emerging threat landscape while not losing sight of the risks of today.
    • IT needs to strengthen IT controls and anticipate risks in an age of disruption.

    Many IT organizations encounter obstacles in these areas:

    • Ensuring an integrated, well-coordinated approach to risk management across the organization.
    • Developing an IT risk taxonomy that will remain relevant over time while providing sufficient granularity and definitional clarity.
    • Gaining acceptance and ensuring understanding of accountability. Involving business leaders and a wide variety of risk owners when developing your IT risk taxonomy will lead to greater organizational acceptance.

    .

    • Take a collaborative approach when developing your IT risk taxonomy to gain greater acceptance and understanding of accountability.
    • Spend the time to fully analyze your current and future threat landscape when defining your level 1 IT risks and consider the causal impact and complex linkages and intersections.
    • Recognize that the threat landscape will continue to evolve and that your IT risk taxonomy is a living document that must be continually reviewed and strengthened.

    Info-Tech Insight

    A common understanding of risks, threats, and opportunities gives organizations the flexibility and agility to adapt to changing business conditions and drive corporate value.

    Increasing threat landscape

    The risk landscape is continually evolving, putting greater pressure on the risk function to work collaboratively throughout the organization to strengthen operational resilience and minimize strategic, financial, and reputational impact.

    Financial Impact

    Strategic Risk

    Reputation Risk

    In IBM’s 2021 Cost of a Data Breach Report, the Ponemon Institute found that data security breaches now cost companies $4.24 million per incident on average – the highest cost in the 17-year history of the report.

    58% percent of CROs who view inability to manage cyber risks as a top strategic risk.

    EY’s 2022 Global Bank Risk Management survey revealed that Chief Risk Officers (CROs) view the inability to manage cyber risk and the inability to manage cloud and data risk as the top strategic risks.

    Protiviti’s 2023 Executive Perspectives on Top Risks survey featured operational resilience within its top ten risks. An organization’s failure to be sufficiently resilient or agile in a crisis can significantly impact operations and reputation.

    Persistent and emerging threats

    Organizations should not underestimate the long-term impact on corporate performance if emerging risks are not fully understood, controlled, and embedded into decision-making.

    Talent Risk

    Sustainability

    Digital Disruption

    Protiviti’s 2023 Executive Perspectives on Top Risks survey revealed talent risk as the top risk organizations face, specifically organizations’ ability to attract and retain top talent. Of the 38 risks in the survey, it was the only risk issue rated at a “significant impact” level.

    Sustainability is at the top of the risk agenda for many organizations. In EY’s 2022 Global Bank Risk Management survey, environmental, social, and governance (ESG) risks were identified as a risk focus area, with 84% anticipating it to increase in priority over the next three years. Yet Info-Tech’s Tech Trends 2023 report revealed that only 24% of organizations could accurately report on their carbon footprint.

    Source: Info-Tech 2023 Tech Trends Report

    The risks related to digital disruption are vast and evolving. In the short term, risks surface in compliance and skills shortage, but Protiviti’s 2023 Executive Perspectives survey shows that in the longer term, executives are concerned that the speed of change and market forces may outpace an organization’s ability to compete.

    Build an IT risk taxonomy: As technology and digitization continue to advance, risk management practices must also mature. To strengthen operational and financial resiliency, it is essential that organizations move away from a siloed approach to IT risk management wart an integrated approach. Without a common IT risk taxonomy, effective risk assessment and aggregation at the enterprise level is not possible.

    Blueprint benefits

    IT Benefits

    Business Benefits

    • Simple, customizable approach to build an IT risk taxonomy
    • Improved satisfaction with IT for senior leadership and business units
    • Greater ability to respond to evolving threats
    • Improved understanding of IT’s role in enterprise risk management (ERM)
    • Stronger, more reliable internal control framework
    • Reduced operational surprises and failures
    • More dynamic decision making
    • More proactive risk responses
    • Improve transparency and comparability of risks across silos
    • Better financial resilience and confidence in meeting regulatory requirements
    • More relevant risk assurance for key stakeholders

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    IT Risk Taxonomy Committee Charter Template

    Create a cross-functional IT risk taxonomy committee.

    The image contains a screenshot of the IT risk taxonomy committee charter template.

    Build an IT Risk Taxonomy Guideline

    Use IT risk taxonomy as a baseline to build your organization’s approach.

    The image contains a screenshot of the build an it risk taxonomy guideline.

    Build an IT Risk Taxonomy Design Template

    Use this template to design and test your taxonomy.

    The image contains a screenshot of the build an IT risk taxonomy design template.

    Risk Register Tool

    Update your risk register with your IT risk taxonomy.

    The image contains a screenshot of the risk register tool.

    Key deliverable:

    Build an IT Risk Taxonomy Workbook

    Use the tools and activities in each phase of the blueprint to customize your IT risk taxonomy to suit your organization’s needs.

    The image contains a screenshot of the build an IT risk taxonomy workbook.

    Benefit from industry-leading best practices

    As a part of our research process, we used the COSO, ISO 31000, and COBIT 2019 frameworks. Contextualizing IT risk management within these frameworks ensures that our project-focused approach is grounded in industry-leading best practices for managing IT risk.

    COSO’s Enterprise Risk Management —Integrating with Strategy and Performance addresses the evolution of enterprise risk management and the need for organizations to improve their approach to managing risk to meet the demands of an evolving business environment.

    ISO 31000 – Risk Management can help organizations increase the likelihood of achieving objectives, improve the identification of opportunities and threats, and effectively allocate and use resources for risk treatment.

    COBIT 2019’s IT functions were used to develop and refine the ten IT risk categories used in our top-down risk identification methodology.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    Phase 1 Phase 2 Phase 3

    Call #1: Review risk management fundamentals.

    Call #2: Review the role of an IT risk taxonomy in risk management.

    Call #3: Establish a cross-functional team.

    Calls #4-5: Identify level 1 IT risk types. Test against enterprise risk management.

    Call #6: Identify level 2 and level 3 risk types.

    Call #7: Align risk events and controls to level 3 risk types and test.

    Call #8: Update your risk register and communicate taxonomy internally.

    A Guided Implementation (GI) is a series

    of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 6 to 8 calls over the course of 3 to 6 months.

    Workshop Overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Day 1 Day 2 Day 3 Day 4 Day 5

    Review IT Risk Fundamentals and Governance

    Identify Level 1 IT Risk Types

    Identify Level 2 and Level 3 Risk Types

    Monitor, Report, and Respond to IT Risk

    Next Steps and
    Wrap-Up (offsite)

    Activities

    1.1 Discuss risk fundamentals and the benefits of integrated risk.

    1.2 Create a cross-functional IT taxonomy working group.

    2.1 Discuss corporate strategy, business risks, macro trends, and organizational opportunities and constraints.

    2.2 Establish level 1 risk types.

    2.3 Test soundness of IT level 1 types by mapping to ERM level 1 types.

    3.1 Establish level 2 risk types.

    3.2 Establish level 3 risk types (and level 4 if appropriate for your organization).

    3.3 Begin to test by working backward from controls to ensure risk events will aggregate consistently.

    4.1 Continue to test robustness of taxonomy and iterate if necessary.

    4.2 Optional activity: Draft your IT risk appetite statements.

    4.3 Discuss communication and continual improvement plan.

    5.1 Complete in-progress deliverables from previous four days.

    5.2 Set up review time for workshop deliverables and to discuss next steps.

    Deliverables
    1. T Risk Taxonomy Committee Charter Template
    2. Build an IT Risk Taxonomy Workbook
    1. Build an IT Risk Taxonomy Workbook
    1. IT Risk Taxonomy Design Template
    2. Risk Register
    1. IT Risk Taxonomy Design Template
    2. Risk Register
    3. Build an IT Risk Taxonomy Workbook
    1. Workshop Report

    Phase 1

    Understand Risk Management Fundamentals

    Phase 1

    Phase 2

    Phase 3

    • Governance, Risk, and Compliance
    • Enterprise Risk Management
    • Enterprise Risk Appetite
    • Risk Statements and Scenarios
    • What Is a Risk Taxonomy?
    • Functional Role of an IT Risk Taxonomy
    • Connection to Enterprise Risk Management
    • Establish Committee
    • Steps to Define IT Risk Taxonomy
    • Define Level 1
    • Test Level 1
    • Define Level 2 and 3
    • Test via Your Control Framework

    Governance, risk, and compliance (GRC)

    Risk management is one component of an organization’s GRC function.

    GRC principles are important tools to support enterprise management.

    Governance sets the guardrails to ensure that the enterprise is in alignment with standards, regulations, and board decisions. A governance framework will communicate rules and expectations throughout the organization and monitor adherence.

    Risk management is how the organization protects and creates enterprise value. It is an integral part of an organization’s processes and enables a structured decision-making approach.

    Compliance is the process of adhering to a set of guidelines; these could be external regulations and guidelines or internal corporate policies.

    GRC principles are tightly bound and continuous

    The image contains a screenshot of a continuous circle that is divided into three parts: risk, compliance, and governance.

    Enterprise risk management

    Regardless of size or structure, every organization makes strategic and operational decisions that expose it to uncertainties.

    Enterprise risk management (ERM) is a strategic business discipline that supports the achievement of an organization’s objectives by addressing the full spectrum of its risks and managing the combined impact of those risks as an interrelated risk portfolio (RIMS).

    An ERM is program is crucial because it will:

    • Help shape business objectives, drive revenue growth, and execute risk-based decisions.
    • Enable a deeper understanding of risks and assessment of current risk profile.
    • Support forward-looking risk management and more constructive dialogue with the board and regulatory agencies.
    • Provide insight on the robustness and efficacy of risk management processes, tools, and controls.
    • Drive a positive risk culture.

    ERM is supported by strategy, effective processes, technology, and people

    The image contains a screenshot that demonstrates how ERM is supported by strategy, effective processes, technology, and people.

    Risk frameworks

    Risk frameworks are leveraged by the industry to “provide a structure and set of definitions to allow enterprises of all types and sizes to understand and better manage their risk environments.” COSO Enterprise Risk Management, 2nd edition

    • Many organizations lean on the Committee of Sponsoring Organizations’ Enterprise Risk Management framework (COSO ERM) and ISO 31000 to view organizational risks from an enterprise perspective.
    • Prior to the introduction of standardized risk frameworks, it was difficult to quantify the impact of a risk event on the entire enterprise, as the risk was viewed in a silo or as an individual risk component.
    • Recently, the National Institute of Science and Technology (NIST) published guidance on developing an enterprise risk management approach. The guidance helps to bridge the gap between best practices in enterprise risk management and processes and control techniques that cybersecurity professionals use to meet regulatory cybersecurity risk requirements.

    The image contains a screenshot of NIST ERM approach to strategic risk.

    Source: National Institute of Standards and Technology

    New NIST guidance (NISTIR 8286) emphasizes the complexity of risk management and the need for the risk management process to be carried out seamlessly across three tiers with the overall objective of continuous improvement.

    Enterprise risk appetite

    “The amount of risk an organization is willing to take in pursuit of its objectives”

    – Robert R. Moeller, COSO ERM Framework Model
    • A primary role of the board and senior management is to balance value creation with effectively management of enterprise risks.
    • As part of this role, the board will approve the enterprise’s risk appetite. Placing this responsibility with the board ensures that the risk appetite is aligned with the company’s strategic objectives.
    • The risk appetite is used throughout the organization to assess and respond to individual risks, acting as a constant to make sure that risks are managed within the organization’s acceptable limits.
    • Each year, or in reaction to a risk trigger, the enterprise risk appetite will be updated and approved by the board.
    • Risk appetite will vary across organizations for several reasons, such as industry, company culture, competitors, the nature of the objectives pursued, and financial strength.

    Change or new risks » adjust enterprise risk profile » adjust risk appetite

    Risk profile vs. risk appetite

    Risk profile is the broad parameters an organization considers in executing its business strategy. Risk appetite is the amount of risk an entity is willing to accept in pursuit of its strategic objectives. The risk appetite can be used to inform the risk profile or vice versa. Your organization’s risk culture informs and is used to communicate both.

    Risk Tolerant

    Moderate

    Risk Averse

    • You have no compliance requirements.
    • You have no sensitive data.
    • Customers do not expect you to have strong security controls.
    • Revenue generation and innovative products take priority and risk is acceptable.
    • The organization does not have remote locations.
    • It is likely that your organization does not operate within the following industries:
      • Finance
      • Healthcare
      • Telecom
      • Government
      • Research
      • Education
    • You have some compliance requirements, such as:
      • HIPAA
      • PIPEDA
    • You have sensitive data and are required to retain records.
    • Customers expect strong security controls.
    • Information security is visible to senior leadership.
    • The organization has some remote locations.
    • Your organization most likely operates within the following industries:
      • Government
      • Research
      • Education
    • You have multiple strict compliance and/or regulatory requirements.
    • You house sensitive data, such as medical records.
    • Customers expect your organization to maintain strong and current security controls.
    • Information security is highly visible to senior management and public investors.
    • The organization has multiple remote locations.
    • Your organization operates within the following industries:
      • Finance
      • Healthcare
      • Telecom

    Where the IT risk appetite fits into the risk program

    • Your organization’s strategy and associated risk appetite cascade down to each business department. Overall strategy and risk appetite also set a strategy and risk appetite for each department.
    • Both risk appetite and risk tolerances set boundaries for how much risk an organization is willing or prepared to take. However, while appetite is often broad, tolerance is tactical and focused.
    • Tolerances apply to specific objectives and provide guidance to those executing on a day-to-day basis. They measure the variation around performance expectations that the organization will tolerate.
    • Ideally, they are incorporated into existing governance, risk, and compliance systems and are also considered when evaluated business cases.
    • IT risk appetite statements are based on IT level 1 risk types.

    The risk appetite has a risk lens but is also closely linked to corporate performance.

    The image contains a screenshot of a diagram that demonstrates how risk appetite has a risk lens, and how it is linked to corporate performance.

    Statements of risk

    The image contains a screenshot of a diagram of the risk landscape.

    Risk Appetite

    Risk Tolerance

    • The general amount of risk an organization is willing to accept while pursuing its objectives.
    • Proactive, future view of risks that reflects the desired range of enterprise performance.
    • Reflects the longer-term strategy of what needs to be achieved and the resources available to achieve it, expressed in quantitative criteria.
    • Risk appetites will vary for several reasons, such as the company culture, financial strength, and capabilities.
    • Risk tolerance is the acceptable deviation from the level set by the risk appetite.
    • Risk tolerance is a tactical tool often expressed in quantitative terms.
    • Key risk indicators are often used to align to risk tolerance limits to ensure the organization stays within the set risk boundary.

    Risk scenarios

    Risk scenarios serve two main purposes: to help decision makers understand how adverse events can affect organizational strategy and objectives and to prepare a framework for risk analysis by clearly defining and decomposing the factors contributing to the frequency and the magnitude of adverse events.

    ISACA
    • Organizations’ pervasive use of and dependency on technology has increased the importance of scenario analysis to identify relevant and important risks and the potential impacts of risk events on the organization if the risk event were to occur.
    • Risk scenarios provide “what if” analysis through a structured approach, which can help to define controls and document assumptions.
    • They form a constructive narrative and help to communicate a story by bringing in business context.
    • For the best outcome, have input from business and IT stakeholders. However, in reality, risk scenarios are usually driven by IT through the asset management practice.
    • Once the scenarios are developed, they are used during the risk analysis phase, in which frequency and business impacts are estimated. They are also a useful tool to help the risk team (and IT) communicate and explain risks to various business stakeholders.

    Top-down approach – driven by the business by determining the business impact, i.e. what is the impact on my customers, reputation, and bottom line if the system that supports payment processing fails?

    Bottom-up approach – driven by IT by identifying critical assets and what harm could happen if they were to fail.

    Example risk scenario

    Use level 1 IT risks to derive potential scenarios.

    Risk Scenario Description

    Example: IT Risks

    Risk Scenario Title

    A brief description of the risk scenario

    The enterprise is unable to recruit and retain IT staff

    Risk Type

    The process or system that is impacted by the risk

    • Service quality
    • Product and service cost

    Risk Scenario Category

    Deeper insight into how the risk might impact business functions

    • Inadequate capacity to support business needs
    • Talent and skills gap due to inability to retain talent

    Risk Statement

    Used to communicate the potential adverse outcomes of a particular risk event and can be used to communicate to stakeholders to enable informed decisions

    The organization chronically fails to recruit sufficiently skilled IT workers, leading to a loss of efficiency in overall technology operation and an increased security exposure.

    Risk Owner

    The designated party responsible and accountable for ensuring that the risk is maintained in accordance with enterprise requirements

    • Head of Human Resources
    • Business Process Owner

    Risk Oversight

    The person (role) who is responsible for risk assessments, monitoring, documenting risk response, and establishing key risk indicators

    CRO/COO

    Phase 2

    Set Your Organization Up for Success

    Phase 1

    Phase 2

    Phase 3

    • Governance, Risk, and Compliance
    • Enterprise Risk Management
    • Enterprise Risk Appetite
    • Risk Statements and Scenarios
    • What Is a Risk Taxonomy?
    • Functional Role of an IT Risk Taxonomy
    • Connection to Enterprise Risk Management
    • Establish Committee
    • Steps to Define IT Risk Taxonomy
    • Define Level 1
    • Test Level 1
    • Define Level 2 and 3
    • Test via Your Control Framework

    This phase will walk you through the following activities:

    • How to set up a cross-functional IT risk taxonomy committee

    This phase involves the following participants:

    • CIO
    • CISO
    • CRO
    • IT Risk Owners
    • Business Leaders
    • Human Resources

    What is a risk taxonomy?

    A risk taxonomy provides a common risk view and enables integrated risk

    • A risk taxonomy is the (typically hierarchical) categorization of risk types. It is constructed out of a collection of risk types organized by a classification scheme.
    • Its purpose is to assist with the management of an organization’s risk by arranging risks in a classification scheme.
    • It provides foundational support across the risk management lifecycle in relation to each of the key risks.
    • More material risk categories form the root nodes of the taxonomy, and risk types cascade into more granular manifestations (child nodes).
    • From a risk management perspective, a taxonomy will:
      • Enable more effective risk aggregation and interoperability.
      • Provide the organization with a complete view of risks and how risks might be interconnected or concentrated.
      • Help organizations form a robust control framework.
      • Give risk managers a structure to manage risks proactively.

    Typical Tree Structure

    The image contains a screenshot of the Typical Tree Structure.

    What is integrated risk management?

    • Integrated risk management is the process of ensuring all forms of risk information, including risk related to information and technology, are considered and included in the organization’s risk management strategy.
    • It removes the siloed approach of classifying risks related to specific departments or areas of the organization, recognizing that each risk is a potential threat to the overarching enterprise.
    • By aggregating the different threats or uncertainty that might exist within an organization, integrated risk management enables more informed decisions to be made that align to strategic goals and continue to drive value back to the business.
    • By holistically considering the different risks, the organization can make informed decisions on the best course of action that will reduce any negative impacts associated with the uncertainty and increase the overall value.

    The image contains a screenshot of the ERM.

    Integrated risk management: A strategic and collaborative way to manage risks across the organization. It is a forward-looking, business-specific outlook with the objective of improving risk visibility and culture.

    Drivers and benefits of integrated risk

    Drivers for Integrated Risk Management

    • Business shift to digital experiences
    • The breadth and number of risks requiring oversight
    • The need for faster risk analysis and decision making

    Benefits of Integrated Risk Management

    • Enables better scenario planning
    • Enables more proactive risk responses
    • Provides more relevant risk assurance to key stakeholders
    • Improves transparency and comparability of risks across organizational silos
    • Supports better financial resilience

    Business velocity and complexity are making real-time risk management a business necessity.

    If integrated risk is the destination, your taxonomy is your road to get you there

    Info-Tech’s Model for Integrated Risk

    The image contains a screenshot of Info-Tech's Model for Integrated Risk.

    How the risk practices intersect

    The risk taxonomy provides a common classification of risks that allows risks to roll up systematically to enterprise risk, enabling more effective risk responses and more informed decision making.

    The image contains a screenshot of a diagram that demonstrates how the risk practices intersect.

    ERM taxonomy

    Relative to the base event types, overall there is an increase in the number of level 1 risk types in risk taxonomies

    Oliver Wyman
    • The changing risk profile of organizations and regulatory focus in some industries is pushing organizations to rethink their risk taxonomies.
    • Generally, the expansion of level 1 risk types is due to the increase in risk themes under the operational risk umbrella.
    • Non-financial risks are risks that are not considered to be traditional financial risks, such as operational risk, technology risk, culture, and conduct. Environmental, social, and governance (ESG) risk is often referred to as a non-financial risk, although it can have both financial and non-financial implications.
    • Certain level 1 ERM risks, such as strategic risk, reputational risk, and ESG risk, cover both financial and non-financial risks.

    The image contains a screenshot of a diagram of the Traditional ERM Structure.

    Operational resilience

    • The concept of operational resiliency was first introduced by European Central Bank (ECB) in 2018 as an attempt to corral supervisory cooperation on operational resiliency in financial services.
    • The necessity for stronger operational resiliency became clear during the early stages of COVID-19 when many organizations were not prepared for disruption, leading to serious concern for the safety and soundness of the financial system.
    • It has gained traction and is now defined in global supervisory guidance. Canada’s prudential regulator, Office of the Superintendent of Financial Institutions (OSFI), defines it as “the ability of a financial institution to deliver its operations, including its critical operations, through disruption.”
    • Practically, its purpose is to knit together several operational risk management categories such as business continuity, security, and third-party risk.
    • The concept has been adopted by information and communication technology (ICT) companies, as technology and cyber risks sit neatly under this risk type.
    • It is now not uncommon to see operational resiliency as a level 1 risk type in a financial institution’s ERM framework.

    Operational resilience will often feature in ERM frameworks in organizations that deliver critical services, products, or functions, such as financial services

    Operational Resilience.

    ERM level 1 risk categories

    Although many organizations have expanded their enterprise risk management taxonomies to address new threats, most organizations will have the following level 1 risk types:

    ERM Level 1

    Definition

    Definition Source

    Financial

    The ability to obtain sufficient and timely funding capacity.

    Global Association of Risk Professionals (GARP)

    Non-Financial

    Non-financial risks are risks that are not considered to be traditional financial risks such as operational risk, technology risk, culture and conduct.

    Office of the Superintendent of Financial Institutions (OSFI)

    Reputational

    Potential negative publicity regarding business practices regardless of validity.

    US Federal Reserve

    Global Association of Risk Professionals (GARP)

    Strategic

    Risk of unsuccessful business performance due to internal or external uncertainties, whether the event is event or trend driven. Actions or events that adversely impact an organizations strategies and/or implementation of its strategies.

    The Risk Management Society (RIMS)

    Sustainability (ESG)

    This risk of any negative financial or reputational impact on an organizations stemming from current or prospective impacts of ESG factors on its counterparties or invested assets.

    Open Risk Manual

    Info-Tech Research Group

    Talent and Risk Culture

    The widespread behaviors and mindsets that can threaten sound decision-making, prudent risk-taking, and effective risk management and can weaken an institution’s financial and operational resilience.

    Info-Tech Research Group

    Different models of ERM

    Some large organizations will elevate certain operational risks to level 1 organizational risks due to risk materiality.

    Every organization will approach its risk management taxonomy differently; the number of level 1 risk types will vary and depend highly on perceived impact.

    Some of the reasons why an organization would elevate a risk to a level 1 ERM risk are:

    • The risk has significant impact on the organization's strategy, reputation, or financial performance.
    • The regulator has explicitly called out board oversight within legislation.
    • It is best practice in the organization’s industry or business sector.
    • The organization has structured its operations around a particular risk theme due to its potential negative impact. For example, the organization may have a dedicated department for data privacy.

    Level 1

    Potential Rationale

    Industries

    Risk Definition

    Advanced Analytics

    Use of advanced analytics is considered material

    Large Enterprise, Marketing

    Risks involved with model risk and emerging risks posed by artificial intelligence/machine learning.

    Anti-Money Laundering (AML) and Fraud

    Risk is viewed as material

    Financial Services, Gaming, Real Estate

    The risk of exposure to financial crime and fraud.

    Conduct Risk

    Sector-specific risk type

    Financial Services

    The current or prospective risk of losses to an institution arising from inappropriate supply of financial services including cases of willful or negligent misconduct.

    Operational Resiliency

    Sector-specific risk type

    Financial Services, ICT

    Organizational risk resulting from an organization’s failure to deliver its operations, including its critical operations, through disruption.

    Privacy

    Board driven – perceived as material risk to organization

    Healthcare, Financial Services

    The potential loss of control over personal information.

    Information Security

    Board driven – regulatory focus

    All may consider

    The people, processes, and technology involved in protecting data (information) in any form – whether digital or on paper – through its creation, storage, transmission, exchange, and destruction.

    Risk and impact

    Mapping risks to business outcomes happens within the ERM function and by enterprise fiduciaries.

    • When mapping risk events to enterprise risk types, the relationship is rarely linear. Rather, risk events typically will have multiple impacts on the enterprise, including strategic, reputational, ESG, and financial impacts.
    • As risk information is transmitted from lower levels, it informs the next level, providing the appropriate information to prioritize risk.
    • In the final stage, the enterprise portfolio view will reflect the enterprise impacts according to risk dimensions, such as strategic, operational, reporting, and compliance.

    Rolling Up Risks to a Portfolio View

    The image contains a screenshot to demonstrate rolling up risks to a portfolio view.

    1. A risk event within IT will roll up to the enterprise via the IT risk register.
    2. The impact of the risk on cash flow and operations will be aggregated and allocated in the enterprise risk register by enterprise fiduciaries (e.g. CFO).
    3. The impacts are translated into full value exposures or modified impact and likelihood assessments.

    Common challenges

    How to synthesize different objectives between IT risk and enterprise risk

    Commingling risk data is a major challenge when developing a risk taxonomy, but one of the underlying reasons is that the enterprise and IT look at risk from different dimensions.

    • The role of the enterprise in risk management is to provide and preserve value, and therefore the enterprise evaluates risk on an adjusted risk-return basis.
    • To do this effectively, the enterprise must break down silos and view risk holistically.
    • ERM is a top-down process of evaluating risks that may impact the entity. As part of the process, ERM must manage risks within the enterprise risk framework and provide reasonable assurances that enterprise objectives will be met.
    • IT risk management focuses on internal controls and sits as a function within the larger enterprise.
    • IT takes a bottom-up approach by applying an ongoing process of risk management and constantly identifying, assessing, prioritizing, and mitigating risks.
    • IT has a central role in risk mitigation and, if functioning well, will continually reduce IT risks, simplifying the role for ERM.

    Establish a team

    Cross-functional collaboration is key to defining level 1 risk types.

    Establish a cross-functional working group.

    • Level 1 IT risk types are the most important to get right because they are the root nodes that all subtypes of risk cascade from.
    • To ensure the root nodes (level 1 risk types) address the risks of your organization, it is vital to have a strong understanding or your organization’s value chain, so your organizational strategy is a key input for defining your IT level 1 risk types.
    • Since the taxonomy provides the method for communicating risks to the people who need to make decisions, a wide understanding and acceptance of the taxonomy is essential. This means that multiple people across your organization should be involved in defining the taxonomy.
    • Form a cross-functional tactical team to collaborate and agree on definitions. The team should include subject matter experts and leaders in key risk and business areas. In terms of governance structure, this committee might sit underneath the enterprise risk council, and members of your IT risk council may also be good candidates for this tactical working group.
    • The committee would be responsible for defining the taxonomy as well as performing regular reviews.
    • The importance of collaboration will become crystal clear as you begin this work, as risks should be connected to only one risk type.

    Governance Layer

    Role/ Responsibilities

    Enterprise

    Defines organizational goals. Directs or regulates the performance and behavior of the enterprise, ensuring it has the structure and capabilities to achieve its goals.

    Enterprise Risk Council

    • Approve of risk taxonomy

    Strategic

    Ensures business and IT initiatives, products, and services are aligned to the organization’s goals and strategy and provide expected value. Ensures adherence to key principles.

    IT Risk Council

    • Provide input
    • May review taxonomy ahead of going to the enterprise risk council for approval

    Tactical

    Ensures key activities and planning are in place to execute strategic initiatives.

    Subcommittee

    • Define risk types and definitions
    • Establish and maintain taxonomy
    • Recommend changes
    • Advocate and communicate internally

    2.1 Establish a cross-functional working group

    2-3 hours

    1. Consider your organization’s operating model and current governance framework, specifically any current risk committees.
    2. Consider the members of current committees and your objectives and begin defining:
      1. Committee mandate, goals, and success factors.
      2. Responsibility and membership.
      3. Committee procedures and policies.
    3. Make sure you define how this tactical working group will interact with existing committees.

    Download Build an IT Risk Taxonomy Workbook

    Input Output
    • Organization chart and operating model
    • Corporate governance framework and existing committee charters
    • Cross-functional working group charter
    Materials Participants
    • Whiteboard/flip charts
    • Build an IT Risk Taxonomy Workbook
    • IT Taxonomy Committee Charter
    • CISO
    • Human resources
    • Corporate communications
    • CRO or risk owners
    • Business leaders

    Phase 3

    Structure Your IT Risk Taxonomy

    Phase 1

    Phase 2

    Phase 3

    • Governance, Risk, and Compliance
    • Enterprise Risk Management
    • Enterprise Risk Appetite
    • Risk Statements and Scenarios
    • What Is a Risk Taxonomy?
    • Functional Role of an IT Risk Taxonomy
    • Connection to Enterprise Risk Management
    • Establish Committee
    • Steps to Define IT Risk Taxonomy
    • Define Level 1
    • Test Level 1
    • Define Level 2 and 3
    • Test via Your Control Framework

    This phase will walk you through the following activities:

    • Establish level 1 risk types
    • Test level 1 risk types
    • Define level 2 and level 3 risk types
    • Test the taxonomy via your control framework

    This phase involves the following participants:

    • CIO
    • CISO
    • CRO
    • IT Risk Owners
    • Business Leaders
    • Human Resources

    Structuring your IT risk taxonomy

    Do’s

    • Ensure your organization’s values are embedded into the risk types.
    • Design your taxonomy to be forward looking and risk based.
    • Make level 1 risk types generic so they can be used across the organization.
    • Ensure each risk has its own attributes and belongs to only one risk type.
    • Collaborate on and communicate your taxonomy throughout organization.

    Don’ts

    • Don’t develop risk types based on function.
    • Don’t develop your taxonomy in a silo.

    A successful risk taxonomy is forward looking and codifies the most frequently used risk language across your organization.

    Level 1

    Parent risk types aligned to organizational values

    Level 2

    Subrisks to level 1 risks

    Level 3

    Further definition

    Steps to define your IT risk taxonomy

    Step 1

    Leverage Info-Tech’s Build an IT Risk Taxonomy Guideline and identify IT level 1 risk types. Consider corporate inputs and macro trends.

    Step 2

    Test level 1 IT risk types by mapping to your enterprise's ERM level 1 risk types.

    Step 3

    Draft your level 2 and level 3 risk types. Be mutually exclusive to the extent possible.

    Step 4

    Work backward – align risk events and controls to the lowest level risk category. In our examples, we align to level 3.

    Step 5

    Add risk levels to your risk registry.

    Step 6

    Optional – Add IT risk appetite statements to risk register.

    Inputs to use when defining level 1

    To help you define your IT risk taxonomy, leverage your organization’s strategy and risk management artifacts, such as outputs from risk assessments, audits, and test results. Also consider macro trends and potential risks unique to your organization.

    Step 1 – Define Level 1 Risk Types

    Use corporate inputs to help structure your taxonomy

    • Corporate Strategy
    • Risk Assessment
    • Audit
    • Test Results

    Consider macro trends that may have an impact on how you manage IT risks

    • Geopolitical Risk
    • Economic Downturn
    • Regulation
    • Competition
    • Climate Risk
    • Industry Disruption

    Evaluate from an organizational lens

    Ask risk-based questions to help define level 1 IT risks for your organization.

    IT Risk Type

    Example Questions

    Technology

    How reliant is our organization on critical assets for business operations?

    How resilient is the organization to an unexpected crisis?

    How many planned integrations do we have (over the next 24 months)?

    Talent Risk

    What is our need for specialized skills, like digital, AI, etc.?

    Does our culture support change and innovation?

    How susceptible is our organization to labor market changes?

    Strategy

    What is the extent of digital adoption or use of emerging technologies in our organization?

    How aligned is IT with strategy/corporate goals?

    How much is our business dependent on changing customer preferences?

    Data

    How much sensitive data does our organization use?

    How much data is used and stored aggregately?

    How often is data moved? And to what locations?

    Third-party

    How many third-party suppliers do we have?

    How reliant are we on the global supply chain?

    What is the maturity level of our third-party suppliers?

    Do we have any concentration risk?

    Security

    How equipped is our organization to manage cyber threats?

    How many security incidents occur per year/quarter/day?

    Do we have regulatory obligations? Is there risk of enforcement action?

    Level 1 IT taxonomy structure

    Step 2 – Consider your organization’s strategy and areas where risks may manifest and use this guidance to advance your thinking. Many factors may influence your taxonomy structure, including internal organizational structure, the size of your organization, industry trends and organizational context, etc.

    Most IT organizations will include these level 1 risks in their IT risk taxonomy

    IT Level 1

    Definition

    Definition Source

    Technology

    Risk arising from the inadequacy, disruption, destruction, failure, damage from unauthorized access modifications, or malicious use of information technology assets, people or processes that enable and support business needs, and can result in financial loss and/or reputational damage.

    Open Risk Manual

    Note how this definition by OSFI includes cyber risk as part of technology risk. Smaller organizations and organizations that do not use large amounts of sensitive information will typically fold cyber risks under technology risks. Not all organizations will take this approach. Some organizations may elevate security risk to level 1.

    “Technology risk”, which includes “cyber risk”, refers to the risk arising from the inadequacy, disruption, destruction, failure, damage from unauthorized access, modifications, or malicious use of information technology assets, people or processes that enable and support business needs, and can result in financial loss and/or reputational damage.

    Office of the Superintendent of Financial Institutions (OSFI)

    Talent

    The risk of not having the right knowledge and skills to execute strategy.

    Info-Tech Research Group/McLean & Company

    Human capital challenges including succession challenges and the ability to attract and retain top talent are considered the most dominant risk to organizations’ ability to meet their value proposition (Protiviti, 2023).

    Strategic

    Risks that threaten IT’s ability to deliver expected business outcomes.

    Info-Tech Research Group

    IT’s role as strategic enabler to the business has never been so vital. With the speed of disruptive innovation, IT must be able to monitor alignment, support opportunities, and manage unexpected crises.

    Level 1 IT taxonomy structure cont'd

    Step 2 – Large and more complex organizations may have more level 1 risk types. Variances in approaches are closely linked to the type of industry and business in which the organization operates as well as how they view and position risks within their organization.

    IT Level 1

    Definition

    Definition Source

    Data

    Data risk is the exposure to loss of value or reputation caused by issues or limitations to an organization’s ability to acquire, store, transform, move, and use its data assets.

    Deloitte

    Data risk encompasses the risk of loss value or reputation resulting from inadequate or failed internal processes, people and systems or from external events impacting on data.

    Australian Prudential Regulation Authority (APRA) CPG 235 -2013)

    Data is increasingly being used for strategic growth initiatives as well as for meeting regulatory requirements. Organizations that use a lot of data or specifically sensitive information will likely have data as a level 1 IT risk type.

    Third-Party

    The risk adversely impacting the institutions performance by engaging a third party, or their associated downstream and upstream partners or another group entity (intragroup outsourcing) to provide IT systems or related services.

    European Banking Association (EBA)

    Open Risk Manual uses EBA definition

    Third-party risk (supply chain risk) received heightened attention during COVID-19. If your IT organization is heavily reliant on third parties, you may want to consider elevating third-party risk to level 1.

    Security

    The risk of unauthorized access to IT systems and data from within or outside the institution (e.g., cyber-attacks). An incident is viewed as a series of events that adversely affects the information assets of an organization. The overall narrative of this type of risk event is captured as who, did what, to what (or whom), with what result.

    Open Risk Manual

    Some organizations and industries are subject to regulatory obligations, which typically means the board has strict oversight and will elevate security risk to a level 1.

    Common challenges

    Considerations when defining level 1 IT risk types

    • Ultimately, the identification of a level 1 IT risk type will be driven by the potential for and materiality of vulnerabilities that may impede an organization from delivering successful business outcomes.
    • Senior leaders within organizations play a central role in protecting organizations against vulnerabilities and threats.
    • The size and structure of your organization will influence how you manage risk.
    • The following slide shows typical roles and responsibilities for data privacy.
    • Large enterprises and organizations that use a lot of personal identifiable information (PII) data, such as those in healthcare, financial services, and online retail, will typically have data as a level 1 IT risk and data privacy as a level 2 risk type.
    • However, smaller organizations or organizations that do not use a lot of data will typically fold data privacy under either technology risk or security risk.

    Deciding placement in taxonomy

    Deciding Placement in Taxonomy.

    • In larger enterprises, data risks are managed within a dedicated functional department with its own governance structure. In small organizations, the CIO is typically responsible and accountable for managing data privacy risk.

    Global Enterprise

    Midmarket

    Privacy Requirement

    What Is Involved

    Accountable

    Responsible

    Accountable & Responsible

    Privacy Legal and Compliance Obligations

    • Ensuring the relevant Accountable roles understand privacy obligations for the jurisdictions operated in.

    Privacy Officer (Legal)

    Privacy Officer (Legal)

    Privacy Policy, Standards, and Governance

    • Defining polices and ensuring they are in place to ensure all privacy obligations are met.
    • Monitoring adherence to those policies and standards.

    Chief Risk Officer (Risk)

    Head of Risk Function

    Data Classification and Security Standards and Best-Practice Capabilities

    • Defining the organization’s data classification and security standards and ensuring they align to the privacy policy.
    • Designing and building the data security standards, processes, roles, and technologies required to ensure all security obligations under the privacy policy can be met.
    • Providing oversight of the effectiveness of data security practices and leading resolution of data security issues/incidents.

    Chief Information Security Officer (IT)

    Chief Information Security Officer (IT)

    Technical Application of Data Classification, Management and Security Standards

    • Ensuring all technology design, implementation, and operational decisions adhere to data classification, data management, and data security standards.

    Chief Information Officer (IT)

    Chief Data Architect (IT)

    Chief Information Officer (IT)

    Data Management Standards and Best-Practice Capabilities

    • Defining the organization’s data management standards and ensuring they align to the privacy policy.
    • Designing and building the data management standards, processes, roles, and technologies required to ensure data classification, access, and sharing obligations under the privacy policy can be met.
    • Providing oversight of the effectiveness of data classification, access, and sharing practices and leading resolution of data management issues/incidents.

    Chief Data Officer

    Where no Head of Data Exists and IT, not the business, is seen as de facto owner of data and data quality

    Execution of Data Management

    • Ensuring business processes that involve data classification, sharing, and access related to their data domain align to data management standards (and therefore privacy obligations).

    L1 Business Process Owner

    L2 Business Process Owner

    Common challenges

    Defining security risk and where it resides in the taxonomy

    • For risk management to be effective, risk professionals need to speak the same language, but the terms “information security,” “cybersecurity,” and “IT security” are often used interchangeably.
    • Traditionally, cyber risk was folded under technology risk and therefore resided at a lower level of a risk taxonomy. However, due to heightened attention from regulators and boards stemming from the pervasiveness of cyber threats, some organizations are elevating security risks to a level 1 IT risk.
    • Furthermore, regulatory cybersecurity requirements have emphasized control frameworks. As such, many organizations have adopted NIST because it is comprehensive, regularly updated, and easily tailored.
    • While NIST is prescriptive and action oriented, it start with controls and does not easily integrate with traditional ERM frameworks. To address this, NIST has published new guidance focused on an enterprise risk management approach. The guidance helps to bridge the gap between best practices in enterprise risk management and processes and control techniques that cybersecurity professionals use to meet regulatory cybersecurity risk requirements.

    Definitional Nuances

    “Cybersecurity” describes the technologies, processes, and practices designed to protect networks, computers, programs, and data from attack, damage, or unauthorized access.

    “IT security” describes a function as well as a method of implementing policies, procedures, and systems to defend the confidentiality, integrity, and availability of any digital information used, transmitted, or stored throughout the organization’s environment.

    “Information security” defines the people, processes, and technology involved in protecting data (information) in any form – whether digital or on paper – through its creation, storage, transmission, exchange, and destruction.

    3.1 Establish level 1 risk types

    2-3 hours

    1. Consider your current and future corporate goals and business initiatives, risk management artifacts, and macro industry trends.
    2. Ask questions to understand risks unique to your organization.
    3. Review Info-Tech’s IT level 1 risk types and identify the risk types that apply to your organization.
    4. Add any risk types that are missing and unique to your organization.
    5. Refine the definitions to suit your organization.
    6. Be mutually exclusive and collectively exhaustive to the extent possible.

    Download Build an IT Risk Taxonomy Workbook

    InputOutput
    • Organization's strategy
    • Other organizational artifacts if available (operating model, outputs from audits and risk assessments, risk profile, and risk appetite)
    • Build an IT Risk Taxonomy Guideline
    • IT Risk Taxonomy Definitions
    • Level 1 IT risk types customized to your organization
    MaterialsParticipants
    • Whiteboard/flip charts
    • Build an IT Risk Taxonomy Workbook
    • CISO
    • Human resources
    • Corporate communications
    • CRO or risk owners
    • Business leaders

    3.2 Map IT risk types against ERM level 1 risk types

    1-2 hours

    1. Using the output from Activity 3.1, map your IT risk types to your ERM level 1 risk types.
    2. Record in the Build an IT Risk Taxonomy Workbook.

    Download Build an IT Risk Taxonomy Workbook

    InputOutput
    • IT level 1 risk types customized to your organization
    • ERM level 1 risk types
    • Final level 1 IT risk types
    MaterialsParticipants
    • Whiteboard/flip charts
    • Build an IT Risk Taxonomy Workbook
    • CISO
    • Human resources
    • Corporate communications
    • CRO or risk owners
    • Business leaders

    Map IT level 1 risk types to ERM

    Test your level 1 IT risk types by mapping to your organization’s level 1 risk types.

    Step 2 – Map IT level 1 risk types to ERM

    The image contains two tables. 1 table is ERM Level 1 Risks, the other table is IT Level 1 Risks.

    3.3 Establishing level 2 and 3 risk types

    3-4 hours

    1. Using the level 1 IT risk types that you have defined and using Info-Tech’s Risk Taxonomy Guideline, first begin to identify level 2 risk types for each level 1 type.
    2. Be mutually exclusive and collectively exhaustive to the extent possible.
    3. Once satisfied with your level 2 risk types, break them down further to level 3 risk types.

    Note: Smaller organizations may only define two risk levels, while larger organizations may define further to level 4.

    Download Build an IT Risk Taxonomy Design Template

    InputOutput
    • Output from Activity 3.1, Establish level 1 risk types
    • Build an IT Risk Taxonomy Workbook
    • Build an IT Risk Taxonomy Guideline
    • Level 2 and level 3 risk types recorded in Build an IT Risk Taxonomy Design Template
    MaterialsParticipants
    • Whiteboard/flip charts
    • Build an IT Risk Taxonomy Workbook
    • CISO
    • Human resources
    • Corporate communications
    • CRO or risk owners
    • Business leaders

    Level 2 IT taxonomy structure

    Step 3 – Break down your level 1 risk types into subcategories. This is complicated and may take many iterations to reach a consistent and accepted approach. Try to make your definitions intuitive and easy to understand so that they will endure the test of time.

    The image contains a screenshot of Level 2 IT taxonomy Structure.

    Security vulnerabilities often surface through third parties, but where and how you manage this risk is highly dependent on how you structure your taxonomy. Organizations with a lot of exposure may have a dedicated team and may manage and report security risks under a level 1 third-party risk type.

    Level 3 IT taxonomy structure

    Step 3 – Break down your level 2 risk types into lower-level subcategories. The number of levels of risk you have will depend on the size of and magnitude of risks within your organization. In our examples, we demonstrate three levels.

    The image contains a screenshot of Level 3 IT taxonomy Structure.

    Risk taxonomies for smaller organizations may only include two risk levels. However, large enterprises or more complex organizations may extend their taxonomy to level 3 or even 4. This illustration shows just a few examples of level 3 risks.

    Test using risk events and controls

    Ultimately risk events and controls need to roll up to level 1 risks in a consistent manner. Test the robustness of your taxonomy by working backward.

    Step 4 – Work backward to test and align risk events and controls to the lowest level risk category.

    • A key function of IT risk management is to monitor and maintain internal controls.
    • Internal controls help to reduce the level of inherent risk to acceptable levels, known as residual risk.
    • As risks evolve, new controls may be needed to upgrade protection for tech infrastructure and strengthen connections between critical assets and third-party suppliers.

    Example – Third Party Risk

    Third Party Risk example.

    3.4 Test your IT taxonomy

    2-3 hours

    1. Leveraging the output from Activities 3.1 to 3.3 and your IT Risk Taxonomy Design Template, begin to test the robustness of the taxonomy by working backward from controls to level 1 IT risks.
    2. The lineage should show clearly that the control will mitigate the impact of a realized risk event. Refine the control or move the control to another level 1 risk type if the control will not sufficiently reduce the impact of a realized risk event.
    3. Once satisfied, update your risk register or your risk management software tool.

    Download Build an IT Risk Taxonomy Design Template

    InputOutput
    • Output from Activities 3.1 to 3.3
    • IT risk taxonomy documented in the IT Risk Taxonomy Design Template
    MaterialsParticipants
    • Whiteboard/flip charts
    • IT risk register
    • Build an IT Risk Taxonomy Workbook
    • CISO
    • Human resources
    • Corporate communications
    • CRO or risk owners
    • Business leaders

    Update risk register

    Step 5 – Once you are satisfied with your risk categories, update your risk registry with your IT risk taxonomy.

    Use Info-Tech’s Risk Register Tool or populate your internal risk software tool.

    Risk Register.

    Download Info-Tech’s Risk Register Tool

    Augment the risk event list using COBIT 2019 processes (Optional)

    Other industry-leading frameworks provide alternative ways of conceptualizing the functions and responsibilities of IT and may help you uncover additional risk events.

    1. Managed IT Management Framework
    2. Managed Strategy
    3. Managed Enterprise Architecture
    4. Managed Innovation
    5. Managed Portfolio
    6. Managed Budget and Costs
    7. Managed Human Resources
    8. Managed Relationships
    9. Managed Service Agreements
    10. Managed Vendors
    11. Managed Quality
    12. Managed Risk
    13. Managed Security
    14. Managed Data
    15. Managed Programs
    16. Managed Requirements Definition
    17. Managed Solutions Identification and Build
    18. Managed Availability and Capacity
    19. Managed Organizational Change Enablement
    20. Managed IT Changes
    21. Managed IT Change Acceptance and Transitioning
    22. Managed Knowledge
    23. Managed Assets
    24. Managed Configuration
    25. Managed Projects
    26. Managed Operations
    27. Managed Service Requests and Incidents
    28. Managed Problems
    29. Managed Continuity
    30. Managed Security Services
    31. Managed Business Process Controls
    32. Managed Performance and Conformance Monitoring
    33. Managed System of Internal Control
    34. Managed Compliance with External Requirements
    35. Managed Assurance
    36. Ensured Governance Framework Setting and Maintenance
    37. Ensured Benefits Delivery
    38. Ensured Risk Optimization
    39. Ensured Resource Optimization
    40. Ensured Stakeholder Engagement

    Example IT risk appetite

    When developing your risk appetite statements, ensure they are aligned to your organization’s risk appetite and success can be measured.

    Example IT Risk Appetite Statement

    Risk Type

    Technology Risk

    IT should establish a risk appetite statement for each level 1 IT risk type.

    Appetite Statement

    Our organization’s number-one priority is to provide high-quality trusted service to our customers. To meet this objective, critical systems must be highly performant and well protected from potential threats. To meet this objective, the following expectations have been established:

    • No appetite for unauthorized access to systems and confidential data.
    • Low appetite for service downtime.
      • Service availability objective of 99.9%.
      • Near real-time recovery of critical services – ideally within 30 minutes, no longer than 3 hours.

    The ideal risk appetite statement is qualitative and supported by quantitative measures.

    Risk Owner

    Chief Information Officer

    Ultimately, there is an accountable owner(s), but involve business and technology stakeholders when drafting to gain consensus.

    Risk Oversight

    Enterprise Risk Committee

    Supporting Framework(s)

    Business Continuity Management, Information Security, Internal Audit

    The number of supporting programs and frameworks will vary with the size of the organization.

    3.5 Draft your IT risk appetite statements

    Optional Activity

    2-3 hours

    1. Using your completed taxonomy and your organization’s risk appetite statement, draft an IT risk appetite statement for each level 1 risk in your workbook.
    2. Socialize the statements and gain approval.
    3. Add the approved risk appetite statements to your IT risk register.

    Download Build an IT Risk Taxonomy Workbook

    Input Output
    • Organization’s risk appetite statement
    • Build an IT Risk Taxonomy Workbook
    • IT Risk Taxonomy Design Template
    • IT risk appetite statements
    Materials Participants
    • Whiteboard/flip charts
    • Build an IT Risk Taxonomy Workbook
    • CISO, CIO
    • Human resources
    • Corporate communications
    • CRO or risk owners
    • Business leaders

    Key takeaways and next steps

    • The risk taxonomy is the backbone of a robust enterprise risk management program. A good taxonomy is frequently used and well understood.
    • Not only is the risk taxonomy used to assess organizational impact, but it is also used for risk reporting, scenarios analysis and horizon scanning, and risk appetite expression.
    • It is essential to capture IT risks within the ERM framework to fully understand the impact and allow for consistent risk discussions and meaningful aggregation.
    • Defining an IT risk taxonomy is a team sport, and organizations should strive to set up a cross-functional working group that is tasked with defining the taxonomy, monitoring its effectiveness, and ensuring continual improvement.
    • The work does not end when the taxonomy is complete. The taxonomy should be well socialized throughout the organization after inception through training and new policies and procedures. Ultimately, it should be an activity embedded into risk management practices.
    • The taxonomy is a living document and should be continually improved upon.

    3.6 Prepare to communicate the taxonomy internally

    1-2 hours

    To gain acceptance of your risk taxonomy within your organization, ensure it is well understood and used throughout the organization.

    1. Consider your audience and agree on the key elements you want to convey.
    2. Prepare your presentation.
    3. Test your presentation with a smaller group before communicating to senior leadership or the board.

    Coming soon: Look for our upcoming research Communicate Any IT Initiative.

    InputOutput
    • Build an IT Risk Taxonomy Workbook
    • Upcoming research: Communicate Any IT Initiative
    • Presentation
    MaterialsParticipants
    • Whiteboard/flip charts
    • Upcoming research: Communicate Any IT Initiative
    • Internal communication templates
    • CISO, CIO
    • Human resources
    • Corporate communications
    • CRO or risk owners
    • Business leaders

    Related Info-Tech Research

    Build an IT Risk Management Program

    • Use this blueprint to transform your ad hoc risk management processes into a formalized ongoing program and increase risk management success.
    • Learn how to take a proactive stance against IT threats and vulnerabilities by identifying and assessing IT’s greatest's risks before they occur.

    Integrate IT Risk Into Enterprise Risk

    • Use this blueprint to understand gaps in your organization’s approach to risk management.
    • Learn how to integrate IT risks into the foundational risk practice

    Coming Soon: Communicate Any IT initiative

    • Use this blueprint to compose an easy-to-understand presentation to convey the rationale of your initiative and plan of action.
    • Learn how to identify your target audience and tailor and deliver the message in an authentic and clear manner.

    Risk definitions

    Term Description
    Emergent Risk Risks that are poorly understood but expected to grow in significance.
    Residual Risk The amount of risk you have left after you have removed a source of risk or implemented a mitigation approach (controls, monitoring, assurance).
    Risk Acceptance If the risk is within the enterprise's risk tolerance or if the cost of otherwise mitigating the risk is higher than the potential loss, the enterprise can assume the risk and absorb any losses.
    Risk Appetite An organization’s general approach and attitude toward risk; the total exposed amount that an organization wishes to undertake on the basis of risk-return trade-offs for one or more desired and expected outcomes.
    Risk Assessment The process of estimating and evaluating risk.
    Risk Avoidance The risk response where an organization chooses not to perform a particular action or maintain an existing engagement due to the risk involved.
    Risk Event A risk occurrence (actual or potential) or a change of circumstances. Can consist of more than one occurrence or of something not happening. Can be referred to as an incident or accident.
    Risk Identification The process of finding, recognizing, describing, and documenting risks that could impact the achievement of objectives.
    Risk Management The capability and related activities used by an organization to identify and actively manage risks that affect its ability to achieve goals and strategic objectives. Includes principles, processes, and framework.
    Risk Likelihood The chance of a risk occurring. Usually measured mathematically using probability.
    Risk Management Policy Expresses an organization’s commitment to risk management and clarifies its use and direction.
    Risk Mitigation The risk response where an action is taken to reduce the impact or likelihood of a risk occurring.
    Risk Profile A written description of a set of risks.

    Risk definitions

    Term Description
    Risk Opportunity A cause/trigger of a risk with a positive outcome.
    Risk Owner The designated party responsible and accountable for ensuring that the risk is maintained in accordance with enterprise requirements.
    Risk Register A tool used to identify and document potential and active risks in an organization and to track the actions in place to manage each risk.
    Risk Response How you choose to respond to risk (accept, mitigate, transfer, or avoid).
    Risk Source The element that, alone or in combination, has potential to give rise to a risk. Usually this is the root cause of the risk.
    Risk Statement A description of the current conditions that may lead to the loss, and a description of the loss.
    Risk Tolerance The amount of risk you are prepared or able to accept (in terms of volume or impact); the amount of uncertainty an organization is willing to accept in the aggregate (or more narrowly within a certain business unit or for a specific risk category). Expressed in quantitative terms that can be monitored (such as volatility or deviation measures), risk tolerance often is communicated in terms of acceptable/unacceptable outcomes or as limited levels of risk. Risk tolerance statements identify the specific minimum and maximum levels beyond which the organization is unwilling to accept variations from the expected outcome.
    Risk Transfer The risk response where you transfer the risk to a third party.

    Research Contributors and Experts

    LynnAnn Brewer
    Director
    McLean & Company

    Sandi Conrad
    Principal Research Director
    Info-Tech Research Group

    Valence Howden
    Principal Research Director
    Info-Tech Research Group

    John Kemp
    Executive Counsellor – Executive Services
    Info-Tech Research Group

    Brittany Lutes
    Research Director
    Info-Tech Research Group

    Carlene McCubbin
    Practice Lead – CIO Practice
    Info-Tech Research Group

    Frank Sargent
    Senior Workshop Director
    Info-Tech Research Group

    Frank Sewell
    Advisory Director
    Info-Tech Research Group

    Ida Siahaan
    Research Director
    Info-Tech Research Group

    Steve Willis
    Practice Lead – Data Practice
    Info-Tech Research Group

    Bibliography

    Andrea Tang, “Privacy Risk Management”. ISACA Journal, June 2020, Accessed January 2023
    Anthony Kruizinga, “Reshaping the risk taxonomy”. PwC, April 2021, Accessed January 2023
    Auditboard, "The Essentials of Integrated Risk Management (IRM)", June 2022, Accessed January 2023
    Brenda Boultwood, “How to Design an ERM-Friendly Risk Data Architecture”. Global Association of Risk Professionals, February 2020, Accessed January 2023
    BSI Standards Publication, "Risk Management Guidelines", ISO 31000, 2018
    Dan Swinhoe, "What is Physical Security, How to keep your facilities and devices safe from onsite attackers", August 2021, Accessed January 2023
    Eloise Gratton, “Data governance and privacy risk in Canada: A checklist for boards and c-suite”. Borden Ladner Gervais, November 2022 , Accessed January 2023
    European Union Agency for Cyber Security Glossary
    European Banking Authority, "Guidelines on ICT Risk Assessment under the Supervisory Review and Evaluation process (SREP)", September 2017, Accessed February 2023
    European Banking Authority, "Regulatory Framework for Mitigating Key Resilient Risks", Sept 2018, Accessed February 2023
    EY, "Seeking stability within volatility: How interdependent risks put CROs at the heart of the banking business", 12th annual EY/IFF global bank risk management survey, 2022, Accessed February 2023
    Financial Stability Board, "Cyber Lexicon", November 2018, Accessed February 2023
    Financial Stability Board, "Principles for Effective Risk Appetite Framework", November 2013, Accessed January 2023
    Forbes Technology Council, "14 Top Data Security Risks Every Business Should Address", January 2020, Accessed January 2023
    Frank Martens, Dr. Larry Rittenberg, "COSO, Risk Appetite Critical for Success, Using Risk Appetite to Thrive in a Changing World", May 2020, Accessed January 2023
    Gary Stoneurmer, Alice Goguen and Alexis Feringa, "NIST, Risk Management Guide for Information Technology Systems", Special Publication, 800-30, September 2012, Accessed February 2023
    Guy Pearce, "Real-World Data Resilience Demands and Integrated Approach to AI, Data Governance and the Cloud", ISACA Journal, May 2022
    InfoTech Tech Trends Report, 2023
    ISACA, "Getting Started with Risk Scenarios", 2022, Accessed February 2023
    James Kaplan, "Creating a technology risk and cyber risk appetite framework," McKinsey & Company, August 2022, Accessed February 2023
    Jean-Gregorie Manoukian, Wolters Kluwer, "Risk appetite and risk tolerance: what’s the difference?", Sept 2016, Accessed February 2023
    Jennifer Bayuk, “Technology’s Role in Enterprise Risk Management”, ISACA Journal, March 2018, Accessed in February 2023
    John Thackeray, "Global Association of Risk Professionals, 7 Key Elements of Effective ERM", January 2020, Accessed January 2023
    KPMG, "Regulatory rigor: Managing technology and cyber risk, How FRFI’s can achieve outcomes laid out in OSFI B-13", October 2022, Accessed January 2023
    Marc Chiapolino et al, “Risk and resilience priorities, as told by chief risk officers”, McKinsey and Company, December 2022, Accessed January 2023
    Mike Rost, Workiva, "5 Steps to Effective Strategic Management", Updated February 2023. Accessed February 2023
    NIST, "Risk Management Framework for Information Systems and Organization, The System Life Cycle Approach for Security and Privacy," December 2018, Accessed February 2023
    NIST, NISTIR, "Integrating CyberSecurity and Enterprise Risk", October 2020, Accessed February 2023
    Oliver Wyman, "The ORX Reference Taxonomy for operational and non-financial risk summary report", 2019, Accessed February 2023.
    Office of the Superintendent of Financial Institutions, "Operational Resilience Consultation Results Summary", December 2021, Accessed January 2023
    Open Risk Manual, Risk Taxonomy Definitions
    Ponemon. "Cost of a Data Breach Report 2021." IBM, July 2021. Web.
    Protiviti, "Executive Perspectives on Top Risks, 2023 & 2032, Key Issues being discussed in the boardroom and c-suite", February 2023, Accessed February 2023
    RIMS, ISACA, "Bridging the Digital Gap, How Collaboration Between IT and Risk Management can Enhance Value Creation", September 2019, Accessed February 2023
    Robert, R. Moeller, "COSO, Enterprise Risk Management, Second Edition, 2011", Accessed February 2023
    Robert Putrus, "Effective Reporting to the BoD on Critical Assets, Cyberthreats and Key Controls: The Qualitative and Quantitative Model", ISACA Journal, January 2021, Accessed January 2023
    Ron Brash, "Prioritizing Asset Risk Management in ICS Security", August 2020, Accessed February 2023
    Ronald Van Loon, "What is Data Culture and How to Implement it?", November 2023, Accessed February 2023
    SAS, "From Crisis to Opportunity, Redefining Risk Management", 2021Accessed January 2023
    Satori, Cloudian, "Data Protection and Privacy: 12 Ways to Protect User Data", Accessed January 2023
    Spector Information Security, "Building your Asset and Risk Register to Manage Technology Risk", November 2021, Accessed January 2023
    Talend, "What is data culture", Accessed February 2023
    Tom Schneider, "Managing Cyber Security Risk as Enterprise Risk", ISACA Journal, September 2022, Accessed February 2023
    Tony Martin –Vegue, "How to Write Strong Risk Scenarios and Statements", ISACA Journal, September 2021, Accessed February 2023
    The Wall Street Journal, "Making Data Risk a Top Priority", April 2018, Accessed February 2023

    Modernize Data Architecture for Measurable Business Results

    • Buy Link or Shortcode: {j2store}387|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management
    • Data architecture projects have often failed in the past, causing businesses today to view the launch of a new project as a costly initiative with unclear business value.
    • New technologies in big data and analytics are requiring organizations to modernize their data architecture, but most organizations have failed to spend the time and effort refining the appropriate data models and blueprints that enable them to do so.
    • As the benefits for data architecture are often diffused across an organization’s information management practice, it can be difficult for the business to understand the value and necessity of data architecture.

    Our Advice

    Critical Insight

    • At the heart of tomorrow’s insights-driven enterprises is a modern data environment anchored in fit-for-purpose data architectures.
    • The role of traditional data architecture is transcending beyond organizational boundaries and its focus is shifting from “keeping the lights on” (i.e. operational data and BI) to providing game-changing insights gleaned from untapped big data.

    Impact and Result

    • Perform a diagnostic assessment of your present day architecture and identify the capabilities of your future “to be” environment to position your organization to capitalize on new opportunities in the data space.
    • Use Info-Tech’s program diagnostic assessment and guidance for developing a strategic roadmap to support your team in building a fit-for purpose data architecture practice.
    • Create a data delivery architecture that harmonizes traditional and modern architectural opportunities.

    Modernize Data Architecture for Measurable Business Results Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should modernize your data architecture, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Develop a data architecture vision

    Plan your data architecture project and align it with the business and its strategic vision.

    • Modernize Data Architecture for Measurable Business Results – Phase 1: Develop a Data Architecture Vision
    • Modernize Data Architecture Project Charter
    • Data Architecture Strategic Planning Workbook

    2. Assess data architecture capabilities

    Evaluate the current and target capabilities of your data architecture, using the accompanying diagnostic assessment to identify performance gaps and build a fit-for-purpose practice.

    • Modernize Data Architecture for Measurable Business Results – Phase 2: Assess Data Architecture Capabilities
    • Data Architecture Assessment and Roadmap Tool
    • Initiative Definition Tool

    3. Develop a data architecture roadmap

    Translate your planned initiatives into a sequenced roadmap.

    • Modernize Data Architecture for Measurable Business Results – Phase 3: Develop a Data Architecture Roadmap
    • Modernize Data Architecture Roadmap Presentation Template
    [infographic]

    Workshop: Modernize Data Architecture for Measurable Business Results

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Develop a Data Architecture (DA) Vision

    The Purpose

    Discuss key business drivers and strategies.

    Identify data strategies.

    Develop a data architecture vision.

    Assess data architecture practice capabilities. 

    Key Benefits Achieved

    A data architecture vision aligned with the business.

    A completed assessment of the organization’s current data architecture practice capabilities.

    Identification of "to be" data architecture practice capabilities.

    Identification of key gaps. 

    Activities

    1.1 Explain approach and value proposition

    1.2 Discuss business vision and key drivers

    1.3 Discover business pain points and needs

    1.4 Determine data strategies

    1.5 Assess DA practice capabilities

    Outputs

    Data strategies

    Data architecture vision

    Current and target capabilities for the modernized DA practice

    2 Assess DA Core Capabilities (Part 1)

    The Purpose

    Assess the enterprise data model (EDM).

    Assess current and target data warehouse, BI/analytics, and big data architectures.

    Key Benefits Achieved

    A completed assessment of the organization’s current EDM, data warehouse, BI and analytics, and big data architectures.

    Identification of "to be" capabilities for the organization’s EDM, data warehouse, BI and analytics, and big data architectures.

    Identification of key gaps.

    Activities

    2.1 Present an overarching DA capability model

    2.2 Assess current and target EDM capabilities

    2.3 Assess current/target data warehouse, BI/analytics, and big data architectures

    2.4 Identify gaps and high level strategies

    Outputs

    Target capabilities for EDM

    Target capabilities for data warehouse architecture, BI architecture, and big data architecture

    3 Assess DA Core Capabilities (Part 2)

    The Purpose

    Assess EDM.

    Assess current/target MDM, metadata, data integration, and content architectures.

    Assess dynamic data models.

    Key Benefits Achieved

    A completed assessment of the organization’s current MDM, metadata, data integration, and content architectures.

    Identification of “to be” capabilities for the organization’s MDM, metadata, data integration, and content architectures.

    Identification of key gaps.

    Activities

    3.1 Present an overarching DA capability model

    3.2 Assess current and target MDM, metadata, data integration, and content architectures

    3.3 Assess data lineage and data delivery model

    3.4 Identify gaps and high level strategies

    Outputs

    Target capabilities for MDM architecture, metadata architecture, data integration architecture, and document & content architecture

    Target capabilities for data lineage/delivery

    4 Analyze Gaps and Formulate Strategies

    The Purpose

    Map performance gaps and document key initiatives from the diagnostic assessment.

    Identify additional gaps and action items.

    Formulate strategies and initiatives to address priority gaps. 

    Key Benefits Achieved

    Prioritized gap analysis.

    Improvement initiatives and related strategies.

    Activities

    4.1 Map performance gaps to business vision, pain points, and needs

    4.2 Identify additional gaps

    4.3 Consolidate/rationalize/prioritize gaps

    4.4 Formulate strategies and actions to address gaps

    Outputs

    Prioritized gaps

    Data architecture modernization strategies

    5 Develop a Data Architecture Roadmap

    The Purpose

    Plot initiatives and strategies on a strategic roadmap.

    Key Benefits Achieved

    A roadmap with prioritized and sequenced initiatives.

    Milestone plan.

    Executive report. 

    Activities

    5.1 Transform strategies into a plan of action

    5.2 Plot actions on a prioritized roadmap

    5.3 Identify and discuss next milestone plan

    5.4 Compile an executive report

    Outputs

    Data architecture modernization roadmap

    Data architecture assessment and roadmap report (from analyst team)

    Essentials of Vendor Management for Small Business

    • Buy Link or Shortcode: {j2store}229|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management
    • Each year, SMB IT organizations spend more money “outsourcing” tasks, activities, applications, functions, and other items.
    • Many SMBs lack the affordability of implementing a sophisticated vendor management initiative or office.
    • The increased spend and associated outsourcing leads to less control, and more risk for IT organizations. Managing this becomes a higher priority for IT, but many IT organizations are ill-equipped to do this proactively.

    Our Advice

    Critical Insight

    • Vendor management is not “plug and play” – each organization’s vendor management initiative (VMI) needs to fit its culture, environment, and goals. There are commonalities among vendor management initiatives, but the key is to adapt vendor management principles to fit your needs, not the other way around.
    • All vendors are not of equal importance to an organization. Internal resources are a scarce commodity and should be deployed so that they provide the best return on the organization’s investment. Classifying or segmenting your vendors allows you to focus your efforts on the most important vendors first, allowing your VMI to have the greatest impact possible.
    • Having a solid foundation is critical to the VMI’s ongoing success. Whether you will be creating a formal vendor management office or using vendor management techniques, tools, and templates “informally”, starting with the basics is essential. Make sure you understand why the VMI exists and what it hopes to achieve, what is in and out of scope for the VMI, what strengths the VMI can leverage and the obstacles it will have to address, and how it will work with other areas within your organization.

    Impact and Result

    • Build and implement a vendor management initiative tailored to your environment.
    • Create a solid foundation to sustain your vendor management initiative as it evolves and matures.
    • Leverage vendor management-specific tools and templates to manage vendors more proactively and improve communication.
    • Concentrate your vendor management resources on the right vendors.
    • Build a roadmap and project plan for your vendor management journey to ensure you reach your destination.
    • Build collaborative relationships with critical vendors.

    Essentials of Vendor Management for Small Business Research & Tools

    Start here – read the Executive Brief

    Read this Executive Brief to understand how changes in the vendor landscape and customer reliance on vendors have made a vendor management initiative indispensible.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Plan

    This phase helps you organize your VMI and document internal processes, relationships, roles, and responsibilities. The main outcomes from this phase are organizational documents, a baseline VMI maturity level, and a desired future state for the VMI.

    • Essentials of Vendor Management for Small Business – Phase 1: Plan
    • Phase 1 Small Business Tools and Templates Compendium

    2. Build

    This phase helps you configure and create the tools and templates that will help you run the VMI. The main outcomes from this phase are a clear understanding of which vendors are important to you, the tools to manage the vendor relationships, and an implementation plan.

    • Essentials of Vendor Management for Small Business – Phase 2: Build
    • Phase 2 Small Business Vendor Classification Tool
    • Phase 2 Small Business Risk Assessment Tool
    • Phase 2 Small Business Tools and Templates Compendium

    3. Run

    This phase helps you begin operating the VMI. The main outcomes from this phase are guidance and the steps required to implement your VMI.

    • Essentials of Vendor Management for Small Business – Phase 3: Run

    4. Review

    This phase helps the VMI identify what it should stop doing, start doing, and continue doing as it improves and matures. The main outcomes from this phase are ways to advance the VMI and maintain internal alignment.

    • Essentials of Vendor Management for Small Business – Phase 4: Review
    [infographic]

    Further reading

    Essentials of Vendor Management for Small Business

    Create and implement a vendor management framework to begin obtaining measurable results in 90 days.


    EXECUTIVE BRIEF

    Analyst Perspective

    Vendor Management Challenge

    Small businesses are often challenged by the growth and complexity of their vendor ecosystem, including the degree to which the vendors control them. Vendors are increasing, obtaining more and more budget dollars, while funding for staff or headcount is decreasing as a result of cloud-based applications and an increase in our reliance on Managed Service Providers. Initiating a vendor management initiative (VMI) vs. creating a fully staffed vendor management office will get you started on the path of proactively controlling your vendors instead of consistently operating in a reactionary mode. This blueprint is designed with that very thought: to assist small businesses in creating the essentials of a vendor management initiative.

    This is a picture of Steve Jeffery

    Steve Jeffery
    Principal Research Director, Vendor Management
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Each year, IT organizations "outsource" tasks, activities, functions, and other items. During 2021:

    • Spend on as-a-service providers increased 38% over 2020.*
    • Spend on managed service providers increased 16% over 2020.*
    • IT service providers increased their merger and acquisition numbers by 47% over 2020.*

    This leads to more spend, less control, and more risk for IT organizations. Managing this becomes a higher priority for IT, but many IT organizations are ill-equipped to do this proactively.

    Common Obstacles

    As new contracts are negotiated and existing contracts are renegotiated or renewed, there is a perception that the contracts will yield certain results, output, performance, solutions, or outcomes. The hope is that these will provide a measurable expected value to IT and the organization. Oftentimes, much of the expected value is never realized. Many organizations don't have a VMI to help:

    • Ensure at least the expected value is achieved.
    • Improve on the expected value through performance management.
    • Significantly increase the expected value through a proactive VMI.

    Info-Tech's Approach

    Vendor Management is a proactive, cross-functional lifecycle. It can be broken down into four phases:

    • Plan
    • Build
    • Run
    • Review

    The Info-Tech process addresses all four phases and provides a step-by-step approach to configure and operate your VMI. The content in this blueprint helps you quickly establish your VMI and sets a solid foundation for its growth and maturity.

    Info-Tech Insight

    Vendor management is not a one-size-fits-all initiative. It must be configured:

    • For your environment, culture, and goals.
    • To leverage the strengths of your organization and personnel.
    • To focus your energy and resources on your critical vendors.

    Executive Summary

    Your challenge

    Spend on managed service providers and as-a-service providers continues to increase. In addition, IT services vendors continue to be active in the mergers and acquisitions arena. This increases the need for a VMI to help with the changing IT vendor landscape.

    38%

    2021

    16%

    2021

    47%

    2021

    Spend on as-a-service providers

    Spend on managed services providers

    IT services merger & acquisition growth (transactions)

    Source: Information Services Group, Inc., 2022.

    Executive Summary

    Common obstacles

    When organizations execute, renew, or renegotiate a contract, there is an "expected value" associated with that contract. Without a robust VMI, most of the expected value will never be realized. With a robust VMI, the realized value significantly exceeds the expected value during the contract term.

    A contract's realized value with and without a vendor management initiative

    This is an image of a bar graph showing the difference in value between those with and without a VMI, with and for those with a VMI, with Vendor Collaboration and with Vendor Performance Management. The data for those with a VMI have substantially more value.

    Source: Based on findings from Geller & Company, 2003.

    Executive Summary

    Info-Tech's approach

    A sound, cyclical approach to vendor management will help you create a VMI that meets your needs and stays in alignment with your organization as they both change (i.e. mature and grow).

    This is an image of the 4 Step Vendor Management Process. The four steps are: 1. Plan; 2. Build; 3. Run; 4. Review.

    Info-Tech's methodology for creating and operating your vmi

    Phase 1 - Plan Phase 2 - Build Phase 3 - Run Phase 4 - Review
    Phase Steps

    1.1 Mission Statement and Goals

    1.2 Scope

    1.3 Strengths and Obstacles

    1.4 Roles and Responsibilities

    2.1 Classification Model

    2.2 Risk Assessment Tool

    2.3 Scorecards and Feedback

    2.4 Business Alignment Meeting Agenda

    2.5 Relationship Alignment Document

    2.6 Vendor Orientation

    2.7 3-Year Roadmap

    2.8 90-Day Plan

    2.9 Quick Wins2.10 Reports

    3.1 Classify Vendors

    3.2 Compile Scorecards

    3.3 Conduct Business Alignment Meetings

    3.4 Work the 90-Day Plan

    3.5 Manage the 3-Year Roadmap

    3.6 Develop/Improve Vendor Relationships

    4.1 Incorporate Leading Practices

    4.2 Leverage Lessons Learned

    4.3 Maintain Internal Alignment

    Phase Outcomes This phase helps you organize your VMI and document internal processes, relationships, roles, and responsibilities. The main outcomes from this phase are organizational documents, a baseline VMI maturity level, and a desired future state for the VMI. This phase helps you configure and create the tools and templates that will help you run the VMI. The main outcomes from this phase are a clear understanding of which vendors are important to you, the tools to manage the vendor relationships, and an implementation plan. This phase helps you begin operating the VMI. The main outcomes from this phase are guidance and the steps required to implement your VMI. This phase helps the VMI identify what it should stop doing, start doing, and continue doing as it improves and matures. The main outcomes from this phase are ways to advance the VMI and maintain internal alignment.

    Insight Summary

    Insight 1

    Vendor management is not "plug and play" – each organization's vendor management initiative (VMI) needs to fit its culture, environment, and goals. While there are commonalities and leading practices associated with vendor management, your initiative won't look exactly like another organization's. The key is to adapt vendor management principles to fit your needs.

    Insight 2

    All vendors are not of equal importance to your organization. Internal resources are a scarce commodity and should be deployed so that they provide the best return on the organization's investment. Classifying or segmenting your vendors allows you to focus your efforts on the most important vendors first, allowing your VMI to have the greatest impact possible.

    Insight 3

    Having a solid foundation is critical to the VMI's ongoing success. Whether you will be creating a formal vendor management office or using vendor management techniques, tools, and templates "informally", starting with the basics is essential. Make sure you understand why the VMI exists and what it hopes to achieve, what is in and out of scope for the VMI, what strengths the VMI can leverage and the obstacles it will have to address, and how it will work with other areas within your organization.

    Blueprint benefits

    IT benefits

    • Identify and manage risk proactively.
    • Reduce costs and maximize value.
    • Increase visibility with your critical vendors.
    • Improve vendor performance.
    • Create a collaborative environment with key vendors.
    • Segment vendors to allocate resources more effectively and more efficiently.

    Business benefits

    • Improve vendor accountability.
    • Increase collaboration between departments.
    • Improve working relationships with your vendors.
    • Create a feedback loop to address vendor/customer issues before they get out of hand or are more costly to resolve.
    • Increase access to meaningful data and information regarding important vendors.

    Phase 1 - Plan

    Phase 1

    Phase 2 Phase 3 Phase 4

    1.1 Mission Statement and Goals

    1.2 Scope

    1.3 Strengths and Obstacles

    1.4 Roles and Responsibilities

    2.1 Classification Model

    2.2 Risk Assessment Tool

    2.3 Scorecards and Feedback

    2.4 Business Alignment Meeting Agenda

    2.5 Relationship Alignment Document

    2.6 Vendor Orientation

    2.7 3-Year Roadmap

    2.8 90-Day Plan

    2.9 Quick Wins

    2.10 Reports

    3.1 Classify Vendors

    3.2 Compile Scorecards

    3.3 Conduct Business Alignment Meetings

    3.4 Work the 90-Day Plan

    3.5 Manage the 3-Year Roadmap

    3.6 Develop/Improve Vendor Relationships

    4.1 Incorporate Leading Practices

    4.2 Leverage Lessons Learned

    4.3 Maintain Internal Alignment

    This phase will walk you through the following activity:

    • Organizing your VMI and document internal processes, relationships, roles, and responsibilities. The main outcomes from this phase are organizational documents, and a desired future state for the VMI.

    This phase involves the following participants:

    • VMI team
    • Applicable stakeholders and executives
    • Procurement/Sourcing
    • IT
    • Others as needed

    Vendor Management Initiative Basics for the Small/Medium Businesses

    Phase 1 – Plan

    Get Organized

    Phase 1 – Plan focuses on getting organized. Foundational elements (Mission Statement, Goals, Scope, Strengths and Obstacles, Roles and Responsibilities, and Process Mapping) will help you define your VMI. These and the other elements of this Phase will follow you throughout the process of starting up your VMI and running it.

    Spending time up front to ensure that everyone is on the same page will help avoid headaches down the road. The tendency is to skimp (or even skip) on these steps to get to "the good stuff." To a certain extent, the process provided here is like building a house. You wouldn't start building your dream home without having a solid blueprint. The same is true with vendor management. Leveraging vendor management tools and techniques without the proper foundation may provide some benefit in the short term, but in the long term it will ultimately be a house of cards waiting to collapse.

    Step 1.1 – Mission statement and goals

    Identify why the VMI exists and what it will achieve

    Whether you are starting your vendor management journey or are already down the path, it is important to know why the vendor management initiative exists and what it hopes to achieve. The easiest way to document this is with a written declaration in the form of a Mission Statement and Goals. Although this is the easiest way to proceed, it is far from easy.

    The Mission Statement should identify at a high level the nature of the services provided by the VMI, who it will serve, and some of the expected outcomes or achievements. The Mission Statement should be no longer than one or two sentences.

    The complement to the Mission Statement is the list of goals for the VMI. Your goals should not be a reassertion of your Mission Statement in bullet format. At this stage it may not be possible to make them SMART (Specific, Measurable, Achievable/Attainable, Relevant, Time-Bound/Time-Based), but consider making them as SMART as possible. Without some of the SMART parameters attached, your goals are more like dreams and wishes. At a minimum, you should be able to determine the level of success achieved for each of the VMI goals.

    Although the VMI's Mission Statement will stay static over time (other than for significant changes to the VMI or organization as a whole), the goals should be reevaluated periodically using a SMART filter, and adjusted as needed.

    1.1.1 – Mission statement and goals

    20 – 40 Minutes

    1. Meet with the participants and use a brainstorming activity to list, on a whiteboard or flip chart, the reasons why the VMI will exist.
    2. Review external mission statements for inspiration.
    3. Review internal mission statements from other areas to ensure consistency.
    4. Draft and document your Mission Statement in the Phase 1 Tools and Templates Compendium – Tab 1.1 Mission Statement and Goals.
    5. Continue brainstorming and identify the high-level goals for the VMI.
    6. Review the list of goals and make them as SMART (Specific, Measurable, Achievable/Attainable, Relevant, Time-Bound/Time-Based) as possible.
    7. Document your goals in the Phase 1 Tools and Templates Compendium– Tab 1.1 Mission Statement and Goals.
    8. Obtain signoff on the Mission Statement and goals from stakeholders and executives as required.

    Input

    • Brainstorming results
    • Mission statements from other internal and external sources

    Output

    • Completed Mission Statement and Goals

    Materials

    • Whiteboard/Flip Charts
    • Phase 1 Tools and Templates Compendium – Tab 1.1 Mission Statement and Goals

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Download the Info-Tech Phase 1 Tools and Templates Compendium

    Step 1.2 – Scope

    Determine what is in scope and out of scope for the VMI

    Regardless of where your VMI resides or how it operates, it will be working with other areas within your organization. Some of the activities performed by the VMI will be new and not currently handled by other groups or individuals internally; at the same time, some of the activities performed by the VMI may be currently handled by other groups or individuals internally. In addition, executives, stakeholders, and other internal personnel may have expectations or make assumptions about the VMI. As a result, there can be a lot of confusion about what the VMI does and doesn't do, and the answers cannot always be found in the VMI's Mission Statement and Goals.

    One component of helping others understand the VMI landscape is formalizing the VMI Scope. The Scope will define boundaries for the VMI. The intent is not to fence itself off and keep others out but provide guidance on where the VMI's territory begins and ends. Ultimately, this will help clarify the VMI's roles and responsibilities, improve workflow, and reduce errant assumptions.

    When drafting your VMI scoping document, make sure you look at both sides of the equation (similar to what you would do when following best practices for a statement of work). Identify what is in scope and what is out of scope. Be specific when describing the individual components of the VMI Scope, and make sure executives and stakeholders are onboard with the final version.

    1.2.1 – Scope

    20 - 40 Minutes

    1. Meet with the participants and use a brainstorming activity to list, on a whiteboard or flip chart, the activities and functions in scope and out of scope for the VMI.
      1. Be specific to avoid ambiguity and improve clarity.
      2. Go back and forth between in scope and out of scope as needed; it is not necessary to list all the in-scope items and then turn your attention to the out-of-scope items.
    2. Review the lists to make sure there is enough specificity. An item may be in scope or out of scope, but not both.
    3. Use the Phase 1 Tools and Templates Compendium – Tab 1.2 Scope to document the results.
    4. Obtain signoff on the Scope from stakeholders and executives as required.

    Input

    • Brainstorming results
    • Mission Statement and Goals

    Output

    • Completed list of items in and out of scope for the VMI

    Materials

    • Whiteboard/Flip Charts
    • Phase 1 Tools and Templates Compendium – Tab 1.2 Scope

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Download the Info-Tech Phase 1 Tools and Templates Compendium

    Step 1.3 – Strengths and obstacles

    Pinpoint the VMI's strengths and obstacles

    A SWOT analysis (strengths, weaknesses, opportunities, and threats) is a valuable tool, but it is overkill for your VMI at this point. However, using a modified and simplified form of this tool (strengths and obstacles) will yield significant results and benefit the VMI as it grows and matures.

    Your output will be two lists: the strengths associated with the VMI and the obstacles the VMI is facing. For example, strengths could include items such as smart people working within the VMI and executive support. Obstacles could include items such as limited headcount and training required for VMI staff.

    The goals are 1) to harness the strengths to help the VMI be successful and 2) to understand the impact of the obstacles and plan accordingly. The output can also be used to enlighten executives and stakeholders about the challenges associated with their directives or requests (e.g. human bandwidth may not be sufficient to accomplish some of the vendor management activities and there is a moratorium on hiring until the next budget year).

    For each strength identified, determine how you will or can leverage it when things are going well or when the VMI is in a bind. For each obstacle, list the potential impact on the VMI (e.g. scope, growth rate, and number of vendors that can actively be part of the VMI).

    As you do your brainstorming, be as specific as possible and validate your lists with stakeholders and executives as needed.

    1.3.1 – Strengths and obstacles

    20 - 40 Minutes

    Meet with the participants and use a brainstorming activity to list, on a whiteboard or flip chart, the VMI's strengths and obstacles.

    Be specific to avoid ambiguity and improve clarity.

    Go back and forth between strengths and obstacles as needed; it is not necessary to list all the strengths first and then all the obstacles.

    It is possible for an item to be a strength and an obstacle; when this happens, add details to distinguish the situations.

    Review the lists to make sure there is enough specificity.

    Determine how you will leverage each strength and how you will manage each obstacle.

    Use the Phase 1 Tools and Templates Compendium – Tab 1.3 Strengths and Obstacles to document the results.

    Obtain signoff on the strengths and obstacles from stakeholders and executives as required.

    Input

    • Brainstorming
    • Mission Statement and Goals
    • Scope

    Output

    • Completed list of items impacting the VMI's ability to be successful: strengths the VMI can leverage and obstacles the VMI must manage

    Materials

    • Whiteboard/Flip Charts
    • Phase 1 Tools and Templates Compendium – Tab 1.3 Strengths and Obstacles

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Download the Info-Tech Phase 1 Tools and Templates Compendium

    Step 1.4 – Roles and responsibilities

    Obtain consensus on who is responsible for what

    One crucial success factor for VMIs is gaining and maintaining internal alignment. There are many moving parts to an organization, and a VMI must be clear on the various roles and responsibilities related to the relevant processes. Some of this information can be found in the VMI's Scope referenced in Step 1.2, but additional information is required to avoid stepping on each other's toes; many of the processes require internal departments to work together. (For example, obtaining requirements for a request for proposal takes more than one person or department). While it is not necessary to get too granular, it is imperative that you have a clear understanding of how the VMI activities will fit within the larger vendor management lifecycle (which is comprised of many sub processes) and who will be doing what.

    As we have learned through our workshops and guided implementations, a traditional RACI* or RASCI* Chart does not work well for this purpose. These charts are not intuitive, and they lack the specificity required to be effective. For vendor management purposes, a higher-level view and a slightly different approach provide much better results.

    This step will lead your through the creation of an OIC* Chart to determine vendor management lifecycle roles and responsibilities. Afterward, you'll be able to say, "Oh, I see clearly who is involved in each part of the process and what their role is."

    *RACI – Responsible, Accountable, Consulted, Informed

    *RASCI – Responsible, Accountable, Support, Consulted, Informed

    *OIC – Owner, Informed, Contributor

    This is an image of a table, where the row headings are: Role 1-5, and the Column Headings are: Step 1-5.

    Step 1.4 – Roles and responsibilities (cont'd)

    Obtain consensus on who is responsible for what

    To start, define the vendor management lifecycle steps or process applicable to your VMI. Next, determine who participates in the vendor management lifecycle. There is no need to get too granular – think along the lines of departments, subdepartments, divisions, agencies, or however you categorize internal operational units. Avoid naming individuals other than by title; this typically happens when a person oversees a large group (e.g. the CIO [chief information officer] or the CPO [chief procurement officer]). Be thorough, but don't let the chart get out of hand. For each role and step of the lifecycle, ask whether the entry is necessary; does it add value to the clarity of understanding the responsibilities associated with the vendor management lifecycle? Consider two examples, one for roles and one for lifecycle steps. 1) Is IT sufficient or do you need IT Operations and IT Development? 2) Is "negotiate contract documents" sufficient or do you need negotiate the contract and negotiate the renewal? The answer will depend on your culture and environment but be wary of creating a spreadsheet that requires an 85-inch monitor to view it.

    After defining the roles (departments, divisions, agencies) and the vendor management lifecycle steps or process, assign one of three letters to each box in your chart:

    • O – Owner – who owns the process; they may also contribute to it.
    • I – Informed – who is informed about the progress or results of the process.
    • C – Contributor – who contributes or works on the process; it can be tangible or intangible contributions.

    This activity can be started by the VMI or done as a group with representatives from each of the named roles. If the VMI starts the activity, the resulting chart should be validated by the each of the named roles.

    1.4.1 – Roles and responsibilities

    1 – 6 hours

    1. Meet with the participants and configure the OIC Chart in the Phase 1 Tools and Templates Compendium – Tab 1.4 OIC Chart.
      1. Review the steps or activities across the top of the chart and modify as needed.
      2. Review the roles listed along the left side of the chart and modify as needed.
    2. For each activity or step across the top of the chart, assign each role a letter – O for owner of that activity or step, I for informed, or C for contributor. Use only one letter per cell.
    3. Work your way across the chart. Every cell should have an entry or be left blank if it is not applicable.
    4. Review the results and validate that every activity or step has an O assigned to it; there must be an owner for every activity or step.
    5. Obtain signoff on the OIC Chart from stakeholders and executives as required.

    Input

    • A list of activities or steps to complete a project starting with requirements gathering and ending with ongoing risk management.
    • A list of internal areas (departments, divisions, agencies, etc.) and stakeholders that contribute to completing a project.

    Output

    • Completed OCI chart indicating roles and responsibilities for the VMI and other internal areas.

    Materials

    • Phase 1 Tools and Templates Compendium – Tab 1.4 OIC Chart

    Participants

    • VMI team
    • Procurement/Sourcing
    • IT
    • Representatives from other areas as needed
    • Applicable stakeholders and executives (as needed)

    Download the Info-Tech Phase 1 Tools and Templates Compendium

    Phase 2 - Build

    Create and configure tools, templates, and processes

    Phase 1

    Phase 2Phase 3Phase 4

    1.1 Mission Statement and Goals

    1.2 Scope

    1.3 Strengths and Obstacles

    1.4 Roles and Responsibilities

    2.1 Classification Model

    2.2 Risk Assessment Tool

    2.3 Scorecards and Feedback

    2.4 Business Alignment Meeting Agenda

    2.5 Relationship Alignment Document

    2.6 Vendor Orientation

    2.7 3-Year Roadmap

    2.8 90-Day Plan

    2.9 Quick Wins

    2.10 Reports

    3.1 Classify Vendors

    3.2 Compile Scorecards

    3.3 Conduct Business Alignment Meetings

    3.4 Work the 90-Day Plan

    3.5 Manage the 3-Year Roadmap

    3.6 Develop/Improve Vendor Relationships

    4.1 Incorporate Leading Practices

    4.2 Leverage Lessons Learned

    4.3 Maintain Internal Alignment

    This phase will walk you through the following activities:

    • Configuring and creating the tools and templates that will help you run the VMI. The main outcomes from this phase are a clear understanding of which vendors are important to you, the tools to manage the vendor relationships, and an implementation plan.

    This phase involves the following participants:

    • VMI team
    • Applicable stakeholders and executives
    • Human Resources
    • Legal
    • Others as needed

    Vendor Management Initiative Basics for the Small/Medium Businesses

    Phase 2 – Build

    Create and configure tools, templates, and processes

    Phase 2 – Build focuses on creating and configuring the tools and templates that will help you run your VMI. Vendor management is not a plug and play environment, and unless noted otherwise, the tools and templates included with this blueprint require your input and thought. The tools and templates must work in concert with your culture, values, and goals. That will require teamwork, insights, contemplation, and deliberation.

    During this Phase you'll leverage the various templates and tools included with this blueprint and adapt them for your specific needs and use. In some instances, you'll be starting with mostly a blank slate; while in others, only a small modification may be required to make it fit your circumstances. However, it is possible that a document or spreadsheet may need heavy customization to fit your situation. As you create your VMI, use the included materials for inspiration and guidance purposes rather than as absolute dictates.

    Step 2.1 – Classification model

    Configure the COST vendor classification tool

    One of the functions of a VMI is to allocate the appropriate level of vendor management resources to each vendor since not all vendors are of equal importance to your organization. While some people may be able intuitively to sort their vendors into vendor management categories, a more objective, consistent, and reliable model works best. Info-Tech's COST model helps you assign your vendors to the appropriate vendor management category so that you can focus your vendor management resources where they will do the most good.

    COST is an acronym for Commodity, Operational, Strategic, and Tactical. Your vendors will occupy one of these vendor management categories, and each category helps you determine the nature of the resources allocated to that vendor, the characteristics of the relationship desired by the VMI, and the governance level used.

    The easiest way to think of the COST model is as a 2 x 2 matrix or graph. The model should be configured for your environment so that the criteria used for determining a vendor's classification align with what is important to you and your organization. However, at this point in your VMI's maturation, a simple approach works best. The Classification Model included with this blueprint requires minimal configuration to get your started, and that is discussed on the activity slide associated with this Step 2.1.

    This is an image of the COST Vendor Classification Tool.

    Step 2.1 – Classification model (cont'd)

    Configure the COST vendor classification tool

    Common characteristics by vendor management category

    Operational

    Strategic
    • Low to moderate risk and criticality; moderate to high spend and switching costs
    • Product or service used by more than one area
    • Price is a key negotiation point
    • Product or service is valued by the organization
    • Quality or the perception of quality is a differentiator (i.e. brand awareness)
    • Moderate to high risk and criticality; moderate to high spend and switching costs
    • Few competitors and differentiated products and services
    • Product or service significantly advances the organization's vision, mission, and success
    • Well-established in their core industry

    Commodity

    Tactical
    • Low risk and criticality; low spend and switching costs
    • Product or service is readily available from many sources
    • Market has many competitors and options
    • Relationship is transactional
    • Price is the main differentiator
    • Moderate to high risk and criticality; low to moderate spend and switching costs
    • Vendor offerings align with or support one or more strategic objectives
    • Often IT vendors "outside" of IT (i.e. controlled and paid for by other areas)
    • Often niche or new vendors

    Source: Compiled in part from Guth, Stephen. "Vendor Relationship Management Getting What You Paid for (And More)." 2015.

    2.1.1 – Classification model

    15 – 30 Minutes

    1. Meet with the participants to configure the spend ranges in Phase 2 Vendor Classification Tool – Tab 1. Configuration for your environment.
    2. Collect your vendors and their annual spend to sort by largest to lowest.
    3. Update cells F14-J14 in the Classification Model based on your actual data.
      1. Cell F14 – Set the boundary at a point between the spend for your 10th and 11th ranked vendors. For example, if the 10th vendor by spend is $1,009, 850 and the 11th vendor by spend is $980,763, the range for F14 would be $1,000,00+.
      2. Cell G14 – Set the bottom of the range at a point between the spend for your 30th and 31st ranked vendors; the top of the range will be $1 less than the bottom of the range specified in F14.
      3. Cell H14 – Set the bottom of the range slightly below the spend for your 50th ranked vendor; the top of the range will be $1 less than the bottom of the range specified in G14.
      4. Cells I14 and J14 – Divide the remaining range in half and split it between the two cells; for J14 the range will be $0 to $1 less than the bottom range in I14.
    4. Ignore the other variables at this time.

    Input

    • Phase 1 List of Vendors by Annual Spend

    Output

    • Configured Vendor Classification Tool

    Materials

    • Phase 2 Vendor Classification Tool – Tab 1. Configuration

    Participants

    • VMI team

    Download the Info-Tech Phase 2 Vendor Classification Tool

    Step 2.2 – Risk assessment tool

    Identify risks to measure, monitor, and report on

    One of the typical drivers of a VMI is risk management. Organizations want to get a better handle on the various risks their vendors pose. Vendor risks originate from many areas: financial, performance, security, legal, and others. However, security risk is the high-profile risk, and the one organizations often focus on almost exclusively, which leaves the organization vulnerable in other areas.

    Risk management is a program, not a project; there is no completion date. A proactive approach works best and requires continual monitoring, identification, and assessment. Reacting to risks after they occur can be costly and have other detrimental effects on the organization. Any risk that adversely affects IT will adversely affect the entire organization.

    While the VMI won't necessarily be quantifying or calculating the risk directly, it generally is the aggregator of risk information across the risk categories, which it then includes in its reporting function (see Steps 2.12 and 3.8).

    At a minimum, your risk management strategy should involve:

    • Identifying the risks you want to measure and monitor.
    • Identifying your risk appetite (the amount of risk you are willing to live with).
    • Measuring, monitoring, and reporting on the applicable risks.
    • Developing and deploying a risk management plan to minimize potential risk impact.

    Vendor risk is a fact of life, but you do have options for how to handle it. Be proactive and thoughtful in your approach, and focus your resources on what is important.

    2.2.1 – Risk assessment tool

    30 - 90 Minutes

    1. Meet with the participants to configure the risk indicators in Phase 2 Vendor Risk Assessment Tool – Tab 1. Set parameters for your environment.
    2. Review the risk categories and determine which ones you will be measuring and monitoring.
    3. Review the risk indicators under each risk category and determine whether the indicator is acceptable as written, is acceptable with modifications, should be replaced, or should be deleted.
    4. Make the necessary changes to the risk indicators; these changes will cascade to each of the vendor tabs. Limit the number of risk indicators to no more than seven per risk category.
    5. Gain input and approval as needed from sponsors, stakeholders, and executives as required.

    Input

    • Scope
    • OIC Chart
    • Process Maps
    • Brainstorming

    Output

    • Configured Vendor Risk Assessment Tool

    Materials

    • Phase 2 Vendor Risk Assessment Tool – Tab 1. Set Parameters

    Participants

    • VMI team

    Download the Info-Tech Phase 2 Vendor Classification Tool

    Step 2.3 – Scorecards and feedback

    Design a two-way feedback loop with your vendors

    A vendor management scorecard is a great tool for measuring, monitoring, and improving relationship alignment. In addition, it is perfect for improving communication between you and the vendor.

    Conceptually, a scorecard is similar to a school report card. At the end of a learning cycle, you receive feedback on how well you do in each of your classes. For vendor management, the scorecard is also used to provide periodic feedback, but there are some nuances and additional benefits and objectives when compared to a report card.

    Although scorecards can be used in a variety of ways, the focus here will be on vendor management scorecards – contract management, project management, and other types of scorecards will not be included in the materials covered in this Step 2.3 or in Step 3.4.

    This image contains a table with the score for objectives A-D. The scores are: A4, B3, C5, D4.

    Step 2.3 – Scorecards and feedback (cont'd)

    Design a two-way feedback loop with your vendors

    Anatomy

    The Info-Tech scorecard includes five areas:

    • Measurement categories. Measurement categories help organize the scorecard. Limit the number of measurement categories to three to five; this allows the parties to stay focused on what's important. Too many measurement categories make it difficult for the vendor to understand the expectations.
    • Criteria. The criteria describe what is being measured. Create criteria with sufficient detail to allow the reviewers to fully understand what is being measured and to evaluate it. Criteria can be objective or subjective. Use three to five criteria per measurement category.
    • Measurement category weights. Not all your measurement categories may be of equal importance to you; this area allows you to give greater weight to a measurement category when compiling the overall score.
    • Rating. Reviewers will be asked to assign a score to each criteria using a 1 to 5 scale.
    • Comments. A good scorecard will include a place for reviewers to provide additional information regarding the rating, or other items that are relevant to the scorecard.

    An overall score is calculated based on the rating for each criteria and the measurement category weights.

    Step 2.3 – Scorecards and feedback (cont'd)

    Design a two-way feedback loop with your vendors

    Goals and objectives

    Scorecards can be used for a variety of reasons. Some of the common ones are:

    • Improving vendor performance.
    • Conveying expectations to the vendor.
    • Identifying and recognizing top vendors.
    • Increasing alignment between the parties.
    • Improving communication with the vendor.
    • Comparing vendors across the same criteria.
    • Measuring items not included in contract metrics.
    • Identifying vendors for "strategic alliance" consideration.
    • Helping the organization achieve specific goals and objectives.

    Identifying and resolving issues before they impact performance or the relationship.

    Identifying your scorecard drivers first will help you craft a suitable scorecard.

    Step 2.3 – Scorecards and feedback (cont'd)

    Design a two-way feedback loop with your vendors

    Info-Tech recommends starting with simple scorecards to allow you and the vendors to acclimate to the new process and information. As you build your scorecards, keep in mind that internal personnel will be scoring the vendors and the vendors will be reviewing the scorecard. Make your scorecard easy for your personnel to fill out, and containing meaningful content to drive the vendor in the right direction. You can always make the scorecard more complex in the future.

    Our recommendation of five categories is provided below. Choose three to five of the categories that help you accomplish your scorecard goals and objectives:

    1. Timeliness – Responses, resolutions, fixes, submissions, completions, milestones, deliverables, invoices, etc.
    2. Cost – Total cost of ownership, value, price stability, price increases/decreases, pricing models, etc.
    3. Quality – Accuracy, completeness, mean time to failure, bugs, number of failures, etc.
    4. Personnel – Skilled, experienced, knowledgeable, certified, friendly, trustworthy, flexible, accommodating, etc.
    5. Risk – Adequate contractual protections, security breaches, lawsuits, finances, audit findings, etc.

    Some criteria may be applicable in more than one category. The categories above should cover at least 80% of the items that are important to your organization. The general criteria listed for each category is not an exhaustive list, but most things break down into time, money, quality, people, and risk issues.

    Step 2.3 – Scorecards and feedback (cont'd)

    Design a two-way feedback loop with your vendors

    Additional Considerations

    • Even a good rating system can be confusing. Make sure you provide some examples or a way for reviewers to discern the differences between a 1, 2, 3, 4, and 5. Don't assume your "rating key" will be intuitive.
    • When assigning weights, don't go lower than 10% for any measurement category. If the weight is too low, it won't be relevant enough to have an impact on the total score. If it doesn't "move the needle", don't include it.
    • Final sign-off on the scorecard template should occur outside the VMI. The heavy lifting can be done by the VMI to create it, but the scorecard is for the benefit of the organization overall, and those impacted by the vendors specifically. You may end up playing arbiter or referee, but the scorecard is not the exclusive property of the VMI. Try to reach consensus on your final template whenever possible.
    • You should notice improved ratings and total scores over time for your vendors. One explanation for this is the Pygmalion Effect: "The Pygmalion [E]ffect describes situations where someone's high expectations improves our behavior and therefore our performance in a given area. It suggests that we do better when more is expected of us."* Convey your expectations and let the vendors' competitive juices take over.
    • While creating your scorecard and materials to explain the process to internal personnel, identify those pieces that will help you explain it to your vendors during vendor orientation (see Steps 2.6 and 3.4). Leveraging pre-existing materials is a great shortcut.

    *Source: The Decision Lab, n.d.

    Step 2.3 – Scorecards and feedback (cont'd)

    Design a two-way feedback loop with your vendors

    Vendor Feedback

    After you've built your scorecard, turn your attention to the second half of the equation – feedback from the vendor. A communication loop cannot be successful without dialogue flowing both ways. While this can happen with just a scorecard, a mechanism specifically geared toward the vendor providing you with feedback improves communication, alignment, and satisfaction.

    You may be tempted to create a formal scorecard for the vendor to use; avoid that temptation until later in your maturity or development of the VMI. You'll be implementing a lot of new processes, deploying new tools and templates, and getting people to work together in new ways. Work on those things first.

    For now, implement an informal process for obtaining information from the vendor. Start by identifying information that you will find useful – information that will allow you to improve overall, to reduce waste or time, to improve processes, to identify gaps in skills. Incorporate these items into your business alignment meetings (see Steps 2.4 and 3.5). Create three to five good questions to ask the vendor and include these in the business alignment meeting agenda. The goal is to get meaningful feedback, and that starts with asking good questions.

    Keep it simple at first. When the time is right, you can build a more formal feedback form or scorecard. Don't be in a rush; as long as the informal method works, keep using it.

    2.3.1 – Scorecards and feedback

    30 – 60 Minutes

    1. Meet with the participants and brainstorm ideas for your scorecard measurement categories:
      1. What makes a vendor valuable to your organization?
      2. What differentiates a "good" vendor from a "bad" vendor?
      3. What items would you like to measure and provide feedback on to the vendor to improve performance, the relationship, risk, and other areas?
    2. Select three, but no more than five, of the following measure categories: timeliness, cost, quality, personnel, and risk.
    3. Within each measurement category, list two or three criteria that you want to measure and track for your vendors. Choose items that are as universal as possible rather than being applicable to one vendor or one vendor type.
    4. Assign a weight to each measurement category, ensuring that the total weight is 100% for all measurement categories.
    5. Document your results as you go in Phase 2 Tools and Templates Compendium – Tab 2.3 Scorecard.

    Input

    • Brainstorming

    Output

    • Configured Scorecard template

    Materials

    • Phase 2 Tools and Templates Compendium – Tab 2.3 Scorecard

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Download the Info-Tech Phase 2 Tools and Templates Compendium

    2.3.2 – Scorecards and feedback

    15 to 30 Minutes

    1. Meet with the participants and brainstorm ideas for feedback to seek from your vendors during your business alignment meetings. During the brainstorming, identify questions to ask the vendor about your organization that will:
      1. Help you improve the relationship.
      2. Help you improve your processes or performance.
      3. Help you improve ongoing communication.
      4. Help you evaluate your personnel.
    2. Identify the top five questions you want to include in your business alignment meeting agenda. (Note: you may need to refine the actual questions from the brainstorming activity before they are ready to include in your business alignment meeting agenda.)
    3. Document both your brainstorming activity and your final results in Phase 2 Tools and Templates Compendium – Tab 2.3 Feedback. The brainstorming questions can be used in the future as your VMI matures and your feedback transforms from informal to formal. The results will be used in Steps 2.4 and 3.5.

    Input

    • Brainstorming

    Output

    • Feedback questions to include with the business alignment meeting agenda

    Materials

    • Phase 2 Tools and Templates Compendium – Tab 2.3 Feedback

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Download the Info-Tech Phase 2 Tools and Templates Compendium

    Step 2.4 – Business alignment meeting agenda

    Craft an agenda that meets the needs of the VMI

    A business alignment meeting (BAM) is a multi-faceted tool to ensure the customer and the vendor stay focused on what is important to the customer at a high level. BAMs are not traditional operational meetings where the parties get into the details of the contracts, deal with installation problems, address project management issues, or discuss specific cost overruns. The focus of the BAM is the scorecard (see Step 2.3), but other topics are discussed, and other purposes are served. For example:

    • You can use the BAM to develop the relationship with the vendor's leadership team so that if escalation is ever needed, your organization is more than just a name on a spreadsheet or customer list.
    • You can learn about innovations the vendor is working on (without the meeting turning into a sales call).
    • You can address high-level performance trends and request corrective action as needed.
    • You can clarify your expectations.
    • You can educate the vendor about your industry, culture, and organization.
    • You can learn more about the vendor.

    As you build your BAM Agenda, someone in your organization may say, "Oh, that's just a quarterly business review (QBR) or top-to-top meeting." In most instances, an existing QBRs or top-to-top meeting is not the same as a BAM. Using the term QBR or top-to-top meeting instead of BAM can lead to confusion internally. The VMI may say to the business unit, procurement, or another department, "We're going to start running some QBRs for our strategic vendors." The typical response is, "There's no need; we already run QBRs/top-to-top meetings with our important vendors." This may be accompanied by an invitation to join their meeting, where you may be an afterthought, have no influence, and get five minutes at the end to talk about your agenda items. Keep your BAM separate so that it meets your needs.

    Step 2.4 – Business alignment meeting agenda (cont'd)

    Craft an agenda that meets the needs of the VMI

    As previously noted, using the term BAM more accurately depicts the nature of the VMI meeting and prevents confusion internally with other meetings already occurring. In addition, hosting the BAM yourself rather than piggybacking onto another meeting ensures that the VMI's needs are met. The VMI will set and control the BAM agenda and determine the invite list for internal personnel and vendor personnel. As you may have figured out by now, having the right customer and vendor personnel attend will be essential.

    BAMs are conducted at the vendor level, not the contract level. As a result, the frequency of the BAMs will depend on the vendor's classification category (see Steps 2.1 and 3.1). General frequency guidelines are provided below, but they can be modified to meet your goals:

    • Commodity vendors – Not applicable
    • Operational vendors – Biannually or annually
    • Strategic vendors – Quarterly
    • Tactical vendors – Quarterly or biannually

    BAMs can help you achieve some additional benefits not previously mentioned:

    • Foster a collaborative relationship with the vendor.
    • Avoid erroneous assumptions by the parties.
    • Capture and provide a record of the relationship (and other items) over time.

    Step 2.4 – Business alignment meeting agenda (cont'd)

    Craft an agenda that meets the needs of the VMI

    As with any meeting, building the proper agenda will be one of the keys to an effective and efficient meeting. A high-level BAM agenda with sample topics is set out below:

    BAM Agenda

    • Opening remarks
      • Welcome and introductions
      • Review of previous minutes
    • Active discussion
      • Review of open issues
      • Scorecard and feedback
      • Current status of projects to ensure situational awareness by the vendor
      • Roadmap/strategy/future projects
      • Accomplishments
    • Closing remarks
      • Reinforce positives (good behavior, results, and performance, value added, and expectations exceeded)
      • Recap
    • Adjourn

    2.4.1 – Business alignment meeting agenda

    20 – 45 Minutes

    1. Meet with the participants and review the sample agenda in Phase 2 Tools and Templates Compendium – Tab 2.4 BAM Agenda.
    2. Using the sample agenda as inspiration and brainstorming activities as needed, create a BAM agenda tailored to your needs.
      1. Select the items from the sample agenda applicable to your situation.
      2. Add any items required based on your brainstorming.
      3. Add the feedback questions identified during Activity 2.3.2 and documented in Phase 2 Tools and Templates Compendium – Tab 2.3 Feedback.
    3. Gain input and approval from sponsors, stakeholders, and executives as required or appropriate.
    4. Document the final BAM agenda in Phase 2 Tools and Templates Compendium –Tab 2.4 BAM Agenda.

    Input

    • Brainstorming
    • Phase 2 Tools and Templates Compendium – Tab 2.3 Feedback

    Output

    • Configured BAM agenda

    Materials

    • Phase 2 Tools and Templates Compendium – Tab2 .4 BAM Agenda

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Download the Info-Tech Phase 2 Tools and Templates Compendium

    Step 2.5 – Relationship alignment document

    Draft a document to convey important VMI information to your vendors

    Throughout this blueprint, alignment is mentioned directly (e.g. business alignment meetings [Steps 2.4 and 3.3]) or indirectly implied. Ensuring you and your vendors are on the same page, have clear and transparent communication, and understand each other's expectations is critical to fostering strong relationships. One component of gaining and maintaining alignment with your vendors is the Relationship Alignment Document (RAD). Depending upon the Scope of your VMI and what your organization already has in place, your RAD will fill in the gaps on various topics.

    Early in the VMI's maturation, the easiest approach is to develop a short document (1 one page) or a pamphlet (i.e. the classic trifold) describing the rules of engagement when doing business with your organization. The RAD can convey expectations, policies, guidelines, and other items. The scope of the document will depend on:

    1. What you believe is important for the vendors to understand.
    2. Any other similar information already provided to the vendors.

    The first step to drafting a RAD is to identify what information vendors need to know to stay on your good side. You may want vendors to know about your gift policy (e.g. employees may not accept vendor gifts above a nominal value, such as a pen or mousepad). Next, compare your list of what vendors need to know and determine if the content is covered in other vendor-facing documents such as a vendor code of conduct or your website's vendor portal. Lastly, create your RAD to bridge the gap between what you want and what is already in place. In some instances, you may want to include items from other documents to reemphasize them with the vendor community.

    Info-Tech Insight

    The RAD can be used with all vendors regardless of classification category. It can be sent directly to the vendors or given to them during vendor orientation (see Step 3.3)

    2.5.1 – Relationship alignment document

    1 to 4 Hours

    1. Meet with the participants and review the RAD sample and checklist in Phase 2 Tools and Templates Compendium – Tab 2.5 Relationship Alignment Doc.
    2. Determine:
      1. Whether you will create one RAD for all vendors or one RAD for strategic vendors and another RAD for tactical and operational vendors; whether you will create a RAD for commodity vendors.
      2. The concepts you want to include in your RAD(s).
      3. The format for your RAD(s) – traditional, pamphlet, or other.
      4. Whether signoff or acknowledgement will be required by the vendors.
    3. Draft your RAD(s) and work with other internal areas, such as Marketing to create a consistent brand for the RADS, and Legal to ensure consistent use and preservation of trademarks or other intellectual property rights and other legal issues.
    4. Review other vendor-facing documents (e.g. supplier code of conduct, onsite safety and security protocols) for consistencies between them and the RAD(s).
    5. Obtain signoff on the RAD(s) from stakeholders, sponsors, executives, Legal, Marketing, and others as needed.

    Input

    • Brainstorming
    • Vendor-facing documents, policies, and procedures

    Output

    • Completed Relationship Alignment Document(s)

    Materials

    • Phase 2 Tools and Templates Compendium – Tab 2.5 Relationship Alignment Doc

    Participants

    • VMI team
    • Marketing, as needed
    • Legal, as needed

    Download the Info-Tech Phase 2 Tools and Templates Compendium

    Step 2.6 – Vendor orientation

    Create a VMI awareness process to build bridges with your vendors

    Your organization is unique. It may have many similarities with other organizations, but your culture, risk tolerance, mission, vision, and goals, finances, employees, and "customers" (those that depend on you) make it different. The same is true of your VMI. It may have similar principles, objectives, and processes to other organizations' VMIs, but yours is still unique. As a result, your vendors may not fully understand your organization and what vendor management means to you.

    Vendor orientation is another means to helping you gain and maintain alignment with your important vendors, educate them on what is important to you, and provide closure when/if the relationship with the vendor ends. Vendor orientation is comprised of three components, each with a different function:

    • Orientation
    • Reorientation
    • Debrief

    Vendor orientation focuses on the vendor management pieces of the puzzle (e.g. the scorecard process) rather than the operational pieces (e.g. setting up a new vendor in the system to ensure invoices are processed smoothly).

    Step 2.6 – Vendor orientation (cont'd)

    Create a VMI awareness process to build bridges with your vendors

    Reorientation

    • Reorientation is either identical or similar to orientation, depending upon the circumstances. Reorientation occurs for several reasons, and each reason will impact the nature and detail of the reorientation content. Reorientation occurs whenever:
    • There is a significant change in the vendor's products or services.
    • The vendor has been through a merger, acquisition, or divestiture.
    • A significant contract renewal/renegotiation has recently occurred.
    • Sufficient time has passed from orientation; commonly 2 to 3 years.
    • The vendor has been placed in a "performance improvement plan" or "relationship improvement plan" protocol.
    • Significant turnover has occurred within your organization (executives, key stakeholders, and/or VMI personnel).
    • Substantial turnover has occurred at the vendor at the executive or account management level.
    • The vendor has changed vendor classification categories after the most current classification.
    • As the name implies, the goal is to refamiliarize the vendor with your current VMI situation, governances, protocols, and expectations. The drivers for reorientation will help you determine the reorientation's scope, scale, and frequency.

    Step 2.6 – Vendor orientation (cont'd)

    Create a VMI awareness process to build bridges with your vendors

    Debrief

    To continue the analogy from orientation, debrief is like an exit interview for an employee when their employment is terminated. In this case, debrief occurs when the vendor is no longer an active vendor with your organization - all contracts have terminated or expired, and no new business with the vendor is anticipated within the next three months.

    Similar to orientation and reorientation, debrief activities will be based on the vendor's classification category within the COST model. Strategic vendors don't go away very often; usually, they transition to operational or tactical vendors first. However, if a strategic vendor is no longer providing products or services to you, dig a little deeper into their experiences and allocate extra time for the debrief meeting.

    The debrief should provide you with feedback on the vendor's experience with your organization and their participation in your VMI. Additionally, it can provide closure for both parties since the relationship is ending. Be careful that the debrief does not turn into a finger-pointing meeting or therapy session for the vendor. It should be professional and productive; if it is going off the rails, terminate the meeting before more damage can occur.

    End the debrief on a high note if possible. Thank the vendor, highlight its key contributions, and single out any personnel who went above and beyond. You never know when you will be doing business with this vendor again – don't burn bridges!

    Step 2.6 – Vendor orientation (cont'd)

    Create a VMI awareness process to build bridges with your vendors

    As you create your vendor orientation materials, focus on the message you want to convey.

    • For orientation and reorientation:
      • What is important to you that vendors need to know?
      • What will help the vendors understand more about your organization and your VMI?
      • What and how are you different from other organizations overall, and in your "industry"?
      • What will help them understand your expectations?
      • What will help them be more successful?
      • What will help you build the relationship?
    • For debrief:
      • What information or feedback do you want to obtain?
      • What information or feedback to you want to give?

    The level of detail you provide strategic vendors during orientation and reorientation may be different from the information you provide tactical and operational vendors. Commodity vendors are not typically involved in the vendor orientation process. The orientation meetings can be conducted on a one-to-one basis for strategic vendors and a one-to-many basis for operational and tactical vendors; reorientation and debrief are best conducted on a one-to-one basis. Lastly, face-to-face or video meetings work best for vendor orientation; voice-only meetings, recorded videos, or distributing only written materials seldom hit their mark or achieve the desired results.

    Step 2.7 – Three-year roadmap

    Plot your path at a high level

    1. The VMI exists in many planes concurrently:
    2. It operates both tactically and strategically.

    It focuses on different timelines or horizons (e.g., the past, the present, and the future). Creating a three-year roadmap facilitates the VMI's ability to function effectively across these multiple landscapes.

    The VMI roadmap will be influenced by many factors. The work product from Phase 1 – Plan, input from executives, stakeholders, and internal clients, and the direction of the organization are great sources of information as you begin to build your roadmap.

    To start, identify what you would like to accomplish in year 1. This is arguably the easiest year to complete: budgets are set (or you have a good idea what the budget will look like), personnel decisions have been made, resources have been allocated, and other issues impacting the VMI are known with a higher degree of certainty than any other year. This does not mean things won't change during the first year of the VMI, but expectations are usually lower, and the short event horizon makes things more predictable during the year-1 ramp-up period.

    Years 2 and 3 are more tenuous, but the process is the same: identify what you would like to accomplish or roll out in each year. Typically, the VMI maintains the year-1 plan into subsequent years and adds to the scope or maturity. For example, you may start year 1 with BAMs and scorecards for three of your strategic vendors; during year 2, you may increase that to five vendors; and during year 3, you may increase that to nine vendors. Or, you may not conduct any market research during year 1, waiting to add it to your roadmap in year 2 or 3 as you mature.

    Breaking things down by year helps you identify what is important and the timing associated with your priorities. A conservative approach is recommended. It is easy to overcommit, but the results can be disastrous and painful.

    2.7.1 – Three-year roadmap

    45 – 90 Minutes

    1. Meet with the participants and decide how to coordinate year 1 of your three-year roadmap with your existing fiscal year or reporting year. Year 1 may be shorter or longer than a calendar year.
    2. Review the VMI activities listed in Phase 2 Tools and Templates Compendium – Tab 2.7 Three-year roadmap. Use brainstorming and your prior work product from Phase 1 and Phase 2 to identify additional items for the roadmap and add them at the bottom of the spreadsheet.
    3. Starting with the first activity, determine when that activity will begin and put an X in the corresponding column; if the activity is not applicable, leave it blank or insert N/A.
    4. Go back to the top of the list and add information as needed.
      1. For any year-1 or year-2 activities, add an X in the corresponding columns if the activity will be expanded/continued in subsequent periods (e.g., if a Year 2 activity will continue in year 3, put an X in year 3 as well).
      2. Use the comments column to provide clarifying remarks or additional insights related to your plans or "X's". For example, "Scorecards begin in year 1 with three vendors and will roll out to five vendors in year 2 and nine vendors in year 3."
    5. Obtain signoff from stakeholders, sponsors, and executives as needed.

    Input

    • Phase 1 work product
    • Steps 2.1 – 2.6 work product
    • Brainstorming

    Output

    • High level three-year roadmap for the VMI

    Materials

    • Phase 2 Tools and Templates Compendium – Tab 2.7 Three-Year Roadmap

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Download the Info-Tech Phase 2 Tools and Templates Compendium

    Step 2.8 – 90-day plan

    Pave your short-term path with a series of detailed quarterly plans

    Now that you have prepared a three-year roadmap, it's time to take the most significant elements from the first year and create action plans for each three-month period. Your first 90-day plan may be longer or shorter if you want to sync to your fiscal or calendar quarters. Aligning with your fiscal year can make it easier for tracking and reporting purposes; however, the more critical item is to make sure you have a rolling series of four 90-day plans to keep you focused on the important activities and tasks throughout the year.

    The 90-day plan is a simple project plan that will help you measure, monitor, and report your progress. Use the Info-Tech tool to help you track:

    Activities.

    • Tasks comprising each activity.
    • Who will be performing the tasks.
    • An estimate of the time required per person per task.
    • An estimate of the total time to achieve the activity.
    • A due date for the activity.
    • A priority of the activity.

    The first 90-day plan will have the greatest level of detail and should be as thorough as possible; the remaining three 90-day plans will each have less detail for now. As you approach the middle of the first 90-day plan, start adding details to the next 90-day plan; toward the end of the first quarter add a high-level 90-day plan to the end of the chain. Continue repeating this cycle each quarter and consult the three-year roadmap and the leadership team, as necessary.

    2.8.1 – 90-day plan

    45 – 90 Minutes

    1. Meet with the participants and decide how to coordinate the first "90-day" plan with your existing fiscal year or reporting cycles. Your first plan may be shorter or longer than 90 days.
    2. Looking at the year-1 section of the three-year roadmap, identify the activities that will be started during the next 90 days.
    3. Using the Phase 2 Tools and Templates Compendium – Tab 2.8 90-Day Plan, enter the following information into the spreadsheet for each activity to be accomplished during the next 90 days:
      1. Activity description.
      2. Tasks required to complete the activity (be specific and descriptive).
      3. The people who will be performing each task.
      4. The estimated number of hours required to complete each task.
      5. The start date and due date for each task or the activity.
    4. Validate the tasks are a complete list for each activity and the people performing the tasks have adequate time to complete the tasks by the due date(s).
    5. Assign a priority to each Activity.

    Input

    • Three-Year Roadmap
    • Phase 1 work product
    • Steps 2.1 – 2.7 work product
    • Brainstorming

    Output

    • Detailed plan for the VMI for the next quarter or "90" days

    Materials

    • Phase 2 Tools and Templates Compendium – Tab 2.8 90-Day Plan

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Download the Info-Tech Phase 2 Tools and Templates Compendium

    Step 2.9 – Quick wins

    Identify potential short-term successes to gain momentum and show value immediately

    As the final step in the timeline trilogy, you are ready to identify some quick wins for the VMI. Using the first 90-day plan and a brainstorming activity, create a list of things you can do in 15 to 30 days that add value to your initiative and build momentum.

    As you evaluate your list of potential candidates, look for things that:

    • Are achievable within the stated timeline.
    • Don't require a lot of effort.
    • Involve stopping a certain process, activity, or task; this is sometimes known as a "stop doing stupid stuff" approach.
    • Will reduce or eliminate inefficiencies; this is sometimes known as the war on waste.
    • Have a moderate to high impact or bolster the VMI's reputation.

    As you look for quick wins, you may find that everything you identify does not meet the criteria. That's okay; don't force the issue. Return your focus to the 90-day plan and three-year roadmap and update those documents if the brainstorming activity associated with Step 2.9 identified anything new.

    2.9.1 – Quick wins

    15 - 30 Minutes

    1. Meet with the participants and review the three-year roadmap and 90-day plan. Determine if any item on either document can be completed:
      1. Quickly (30 days or less).
      2. With minimal effort.
      3. To provide or show moderate to high levels of value or provide the VMI with momentum.
    2. Brainstorm to identify any other items that meet the criteria in step 1 above.
    3. Compile a comprehensive list of these items and select up to five to pursue.
    4. Document the list in the Phase 2 Tools and Templates Compendium – Tab 2.9 Quick Wins.
    5. Manage the quick wins list and share the results with the VMI team and applicable stakeholders and executives.

    Input

    • Three-Year Roadmap
    • 90-Day Plan
    • Brainstorming

    Output

    • A list of activities that require low levels of effort to achieve moderate to high levels of value in a short period

    Materials

    • Phase 2 Tools and Templates Compendium – Tab 2.9 Quick Wins

    Participants

    • VMI team

    Download the Info-Tech Phase 2 Tools and Templates Compendium

    Step 2.10 – Reports

    Construct your reports to resonate with your audience

    Issuing reports is a critical piece of the VMI since the VMI is a conduit of information for the organization. It may be aggregating risk data from internal areas, conducting vendor research, compiling performance data, reviewing market intelligence, or obtaining relevant statistics, feedback, comments, facts, and figures from other sources. Holding onto this information minimizes the impact a VMI can have on the organization; however, the VMI's internal clients, stakeholders, and executives can drown in raw data and ignore it completely if it is not transformed into meaningful, easily-digested information.

    Before building a report, think about your intended audience:

    • What information are they looking for? What will help them understand the big picture?
    • What level of detail is appropriate, keeping in mind the audience may not be like-minded?
    • What items are universal to all the readers and what items are of interest to one or two readers?
    • How easy or hard will it be to collect the data? Who will be providing it, and how time consuming will it be?
    • How accurate, valid, and timely will the data be?
    • How frequently will each report need to be issued?

    Step 2.10 – Reports (cont'd)

    Construct your reports to resonate with your audience

    Use the following guidelines to create reports that will resonate with your audience:

    • Value information over data, but sometimes data does have a place in your report.
    • Use pictures, graphics, and other representations more than words, but words are often necessary in small, concise doses.
    • Segregate your report by user; for example, general information up top, CIO information below that on the right, CFO information to the left of CIO information, etc.
    • Send a draft report to the internal audience and seek feedback, keeping in mind you won't be able to cater to or please everyone.

    2.10.1 – Reports

    15 – 45 Minutes

    1. Meet with the participants and review the applicable work product from Phase 1 and Phase 2; identify qualitative and quantitative items the VMI measures, monitors, tracks, or aggregates.
    2. Determine which items will be reported and to whom (by category):
      1. Internally to personnel within the VMI.
      2. Internally to personnel outside the VMI.
      3. Externally to vendors.
    3. Within each category above, determine your intended audiences/recipients. For example, you may have a different list of recipients for a risk report than you do a scorecard summary report. This will help you identify the number of reports required.
    4. Create a draft structure for each report based on the audience and the information being conveyed. Determine the frequency of each report and person responsible for creating for each report.
    5. Document your final choices in Phase 2 Tools and Templates Compendium – Tab 2.10 Reports.

    Input

    • Brainstorming
    • Phase 1 work product
    • Steps 2.1 – 2.11 work product

    Output

    • A list of reports used by the VMI
    • For each report
      • The conceptual content
      • A list of who will receive or have access
      • A creation/distribution frequency

    Materials

    • Phase 2 Tools and Templates Compendium – Tab 2.10 Reports

    Participants

    • VMI team
    • Applicable stakeholders and executives (as needed)

    Download the Info-Tech Phase 2 Tools and Templates Compendium

    Phase 3 - Run

    Implement your processes and leverage your tools and templates

    Phase 1

    Phase 2Phase 3Phase 4

    1.1 Mission Statement and Goals

    1.2 Scope

    1.3 Strengths and Obstacles

    1.4 Roles and Responsibilities

    2.1 Classification Model

    2.2 Risk Assessment Tool

    2.3 Scorecards and Feedback

    2.4 Business Alignment Meeting Agenda

    2.5 Relationship Alignment Document

    2.6 Vendor Orientation

    2.7 3-Year Roadmap

    2.8 90-Day Plan

    2.9 Quick Wins

    2.10 Reports

    3.1 Classify Vendors

    3.2 Compile Scorecards

    3.3 Conduct Business Alignment Meetings

    3.4 Work the 90-Day Plan

    3.5 Manage the 3-Year Roadmap

    3.6 Develop/Improve Vendor Relationships

    4.1 Incorporate Leading Practices

    4.2 Leverage Lessons Learned

    4.3 Maintain Internal Alignment

    This phase will walk you through the following activity:

    • Beginning to operate the VMI. The main outcomes from this phase are guidance and the steps required to initiate your VMI.

    This phase involves the following participants:

    • VMI team
    • Applicable stakeholders and executives
    • Others as needed

    Vendor Management Initiative Basics for the Small/Medium Businesses

    Phase 3 – Run

    Implement your processes and leverage your tools and templates

    All the hard work invested in Phase 1 – Plan and Phase 2 – Build begins to pay off in Phase 3 – Run. It's time to stand up your VMI and ensure that the proper level of resources is devoted to your vendors and the VMI itself. There's more hard work ahead, but the foundational elements are in place. This doesn't mean there won't be adjustments and modifications along the way, but you are ready to use the tools and templates in the real world; you are ready to begin reaping the fruits of your labor.

    Phase 3 – Run guides you through the process of collecting data, monitoring trends, issuing reports, and conducting effective meetings to:

    • Manage risk better.
    • Improve vendor performance.
    • Improve vendor relationships.
    • Identify areas where the parties can improve.
    • Improve communication between the parties.
    • Increase the value proposition with your vendors.

    Step 3.1 – Classify vendors

    Begin classifying your top 25 vendors by spend

    Step 3.1 sets the table for many of the subsequent steps in Phase 3 – Run. The results of your classification process will determine which vendors go through the scorecarding process (Step 3.2); which vendors participate in BAMs (Step 3.3), and which vendors you will devote relationship-building resources to (Step 3.6).

    As you begin classifying your vendors, Info-Tech recommends using an iterative approach initially to validate the results from the classification model you configured in Step 2.1.

    1. Identify your top 25 vendors by spend.
    2. Run your top 10 vendors by spend through the classification model and review the results.
      1. If the results are what you expected and do not contain any significant surprises, go to 3. on the next page.
      2. If the results are not what you expected or do contain significant surprises, look at the configuration page of the tool (Tab 1) and adjust the weights or the spend categories slightly. Be cautious in your evaluation of the results before modifying the configuration page - some legitimate results are unexpected, or are surprises based on bias. If you modify the weighting, review the new results and repeat your evaluation. If you modify the spend categories, review the answers on the vendor tabs to ensure that the answers are still accurate; review the new results and repeat your evaluation.

    Step 3.1 – Classify vendors (cont'd)

    Review your results and adjust the classification tool as needed

    1. Run your top 11-through-25 vendors by spend through the classification model and review the results. Identify any unexpected results. Determine if further configuration makes sense and repeat the process outlined in 2.b., previous page, as necessary. If no further modifications are required, continue to 4., below.
    2. Share the preliminary results with the leadership team, executives, and stakeholders to obtain their approval or adjustments to the results.
      1. They may have questions and want to understand the process before approving the results.
      2. They may request that you move a vendor from one quadrant to another based on your organization's roadmap, the vendor's roadmap, or other information not available to you.
    3. Identify the vendors that will be part of the VMI at this stage – how many and which ones. Based on this number and the VMI's scope (Step 1.2), make sure you have the resources necessary to accommodate the number of vendors participating in the VMI. Proceed cautiously and gradually increase the number of vendors participating in the VMI.

    Step 3.1 – Classify vendors (cont'd)

    Finalize the results and update VMI tools and templates

    1. Update the vendor inventory tool (Step 1.7) to indicate the current classification status for the top 25 vendors by spend. Once your vendors have been classified, you can sort the vendor inventory tool by classification status to see all the vendors in that category at once.
    2. Review your three-year roadmap (Step 2.9) and 90-day plans (Step 2.6) to determine if any modifications are needed to the activities and timelines.

    Additional classification considerations:

    • You should only have a few vendors that fit in the strategic category. As a rough guideline, no more than 5% to 10% of your IT vendors should end up in the strategic category. If you have many vendors, even 5% may be too many. the classification model is an objective start to the classification process, but common sense must prevail over the "math" at the end of the day.
    • At this point, there is no need to go beyond the top 25 by spend. Most VMIs starting out can't handle more than three to five strategic vendors initially. Allow the VMI to run a pilot program with a small sample size, work out any bugs, make adjustments, and then ramp up the VMI's rollout in waves. Vendors can be added quarterly, biannually, or annually, depending upon the desired goals and available resources.

    Step 3.1 – Classify vendors (cont'd)

    Align your vendor strategy to your classification results

    As your VMI matures, additional vendors will be part of the VMI. Review the table below and incorporate the applicable strategies into your deployment of vendor management principles over time. Stay true to your mission, goals, and scope, and remember that not all your vendors are of equal importance.

    Operational

    Strategic
    • Focus on spend containment
    • Concentrate on lowering total cost of ownership
    • Invest moderately in cultivating the relationship
    • Conduct BAMs biannually or annually
    • Compile scorecards quarterly or biannually
    • Identify areas for performance and cost improvement
    • Focus on value, collaboration, and alignment
    • Review market intelligence for the vendor's industry
    • Invest significantly in cultivating the relationship
    • Initiate executive-to-executive relationships
    • Conduct BAMs quarterly
    • Compile scorecards quarterly
    • Understand how the vendors view your organization

    Commodity

    Tactical
    • Investigate vendor rationalization and consolidation
    • Negotiate for the best-possible price
    • Leverage competition during negotiations
    • Streamline the purchasing and payment process
    • Allocate minimal VMI resources
    • Assign the lowest priority for vendor management metrics
    • Conduct risk assessments biannually or annually
    • Cultivate a collaborative relationship based on future growth plans or potential with the vendor
    • Conduct BAMs quarterly or biannually
    • Compile scorecards quarterly
    • Identify areas of performance improvement
    • Leverage innovation and creative problem solving

    Step 3.1 – Classify vendors (cont'd)

    Be careful when using the word "partner" with your strategic and other vendors

    For decades, vendors have used the term "partner" to refer to the relationship they have with their clients and customers. This is often an emotional ploy used by the vendors to get the upper hand. To fully understand the terms "partner" and "partnership", let's evaluate them through two more objective, less cynical lenses.

    If you were to talk to your in-house or outside legal counsel, you may be told that partners share in profits and losses, and they have a fiduciary obligation to each other. Unless there is a joint venture between the parties, you are unlikely to have a partnership with a vendor from this perspective.

    What about a "business" partnership — one that doesn't involve sharing profits and losses? What would that look like? Here are some indicators of a business partnership (or preferably a strategic alliance):

    • Trust and transparent communication exist.
    • You have input into the vendor's roadmap for products and services.
    • The vendor is aligned with your desired outcomes and helps you achieve success.
    • You and the vendor are accountable for actions and inactions, with both parties being at risk.
    • There is parity in the peer-to-peer relationships between the organizations (e.g. C-Level to C-Level).
    • The vendor provides transparency in pricing models and proactively suggests ways for you to reduce costs.
    • You and the vendor work together to make each party better, providing constructive feedback on a regular basis.
    • The vendor provides innovative suggestions for you to improve your processes, performance, the bottom line, etc.
    • Negotiations are not one-sided; they are meaningful and productive, resulting in an equitable distribution of money and risk.

    Step 3.1 – Classify vendors (cont'd)

    Understand the implications and how to leverage the words "partner" and "partnership"

    By now you might be thinking, "What's all the fuss? Why does it matter?" At Info-Tech, we've seen firsthand how referring to the vendor as a partner can have the following impact:

    • Confidences are disclosed unnecessarily.
    • Negotiation opportunities and leverage are lost.
    • Vendors no longer have to earn the customer's business.
    • Vendor accountability is missing due to shared responsibilities.
    • Competent skilled vendor resources are assigned to other accounts.
    • Value erodes over time since contracts are renewed without being competitively sourced.
    • One-sided relationships are established, and false assurances are provided at the highest levels within the customer organization.

    Proceed with caution when using partner or partnership with your vendors. Understand how your organization benefits from using these terms and mitigate the negatives outlined above by raising awareness internally to ensure people understand the psychology behind the terms. Finally, use the term to your advantage when warranted by referring to the vendor as a partner when you want or need something that the vendor is reluctant to provide. Bottom line: be strategic in how you refer to vendors and know the risks.

    Step 3.2 – Compile scorecards

    Begin scoring your top vendors

    The scorecard process typically is owned and operated by the VMI, but the actual rating of the criteria within the measurement categories is conducted by those with day-to-day interactions with the vendors, those using or impacted by the services and products provided by the vendors, and those with the skills to research other information on the scorecard (e.g. risk). Chances are one person will not be able to complete an entire scorecard by themselves. As a result, the scorecard process is a team sport comprised of sub-teams where necessary.

    The VMI will compile the scores, calculate the final results, and aggregate all the comments into one scorecard. There are two common ways to approach this task:

    1. Send out the scorecard template to those who will be scoring the vendor and ask them to return it when completed, providing them with a due date a few days before you need it; you'll need time to compile, calculate, and aggregate.
    2. Invite those who will be scoring the vendor to a meeting and let the contributors use that time to score the vendors; make VMI team members available to answer questions and facilitate the process.

    Step 3.2 – Compile scorecards (cont'd)

    Gather input from stakeholders and others impacted by the vendors

    Since multiple people will be involved in the scorecarding process or have information to contribute, the VMI will have to work with the reviewers to ensure he right mix of data is provided. For example:

    • If you are tracking lawsuits filed by or against the vendor, one person from Legal may be able to provide that, but they may not be able to evaluate any other criteria on the scorecard.
    • If you are tracking salesperson competencies, multiple people from multiple areas may have valuable insights.
    • If you are tracking deliverable timeliness, several project managers may want to contribute across several projects.

    Where one person is contributing exclusively to limited criteria, make it easy for them to identify the criteria they are to evaluate. When multiple people from the same functional area will provide insights, they can contribute individually (and the VMI will average their responses) or they can respond collectively after reaching consensus as a group.

    After the VMI has compiled, calculated, and aggregated, share the results with executives, impacted stakeholders, and others who will be attending the BAM for that vendor. Depending upon the comments provided by internal personnel, you may need to create a sanitized version of the scorecard for the vendor.

    Make sure your process timeline has a buffer built in. You'll be sending the final scorecard to the vendor three to five days before the BAM, and you'll need some time to assemble the results. The scorecarding process can be perceived as a low-priority activity for people outside of the VMI, and other "priorities" will arise for them. Without a timeline buffer, the VMI may find itself behind schedule and unprepared, due to things beyond its control.

    Step 3.3 – Conduct business alignment meetings

    Determine which vendors will participate and how long the meetings will last

    At their core, BAMs aren't that different from any other meeting. The basics of running a meeting still apply, but there are a few nuances that apply to BAMs. Set out below are leading practices for conducing your BAMs; adapt them to meet your needs and suit your environment.

    Who

    Initially, BAMs are conducted with the strategic vendors in your pilot program. Over time you'll add vendors until all your strategic vendors are meeting with you quarterly. After that, roll out the BAMs to those tactical and operational vendors located close to the strategic quadrant in the classification model (Steps 2.1 and 3.1) and as VMI resources allow. It may take several years before you are holding regular BAMs with all your strategic, tactical, and operational vendors.

    Duration

    Keep the length of your meetings reasonable. The first few with a vendor may need to be 60 to 90 minutes long. After that, you should be able to trim them to 45 minutes to 60 minutes. The BAM does not have to fill the entire time. When you are done, you are done.

    Step 3.3 – Conduct business alignment meetings (cont'd)

    Identify who will be invited and send out invitations

    Invitations

    Set up a recurring meeting whenever possible. Changes will be inevitable but keeping the timeline regular works to your advantage. Also, the vendors included in your initial BAMs won't change for twelve months. For the first BAM with a vendor, provide adequate notice; four weeks is usually sufficient, but calendars will fill up quickly for the main attendees from the vendor. Treat the meeting as significant and make sure your invitation reflects this. A simple meeting request will often be rejected, treated as optional, or ignored completely by the vendor's leadership team (and maybe yours as well!).

    Invitees

    Internal invitees should include those with a vested interest in the vendor's performance and the relationship. Other functional areas may be invited based on need or interest. Be careful the attendee list doesn't get too big. Based on this, internal BAM attendees often include representatives from IT, Sourcing/Procurement, and the applicable business units. At times, Finance and Legal are included.

    From the vendor's side, strive to have decision makers and key leaders attend. The salesperson/account manager is often included for continuity, but a director or vice president of sales will have more insights and influence. The project manager is not needed at this meeting due to the nature of the meeting and its agenda; however, a director or vice president from the product or service delivery area is a good choice. Bottom line: get as high into the vendor's organization as possible whenever possible; look at the types of contracts you have with that vendor to provide guidance on the type of people to invite.

    Step 3.3 – Conduct business alignment meetings (cont'd)

    Prepare for the Meetings and Maintain Control

    Preparation

    Send the scorecard and agenda to the vendor five days prior to the BAM. The vendor should provide you with any information you require for the meeting five days prior, as well.

    Decide who will run the meeting. Some customers like to lead, and others let the vendor present. How you craft the agenda and your preferences will dictate who runs the show.

    Make sure the vendor knows what materials they should bring to the meeting or have access to. This will relate to the agenda and any specific requests listed under the discussion points. You don't want the vendor to be caught off guard and unable to discuss a matter of importance to you.

    Running the BAM

    Regardless of which party leads, make sure you manage the agenda to stay on topic. This is your meeting – not the vendor's, not IT's, not Procurement's or Sourcing's. Don't let anyone hijack it.

    Make sure someone is taking notes. If you are running this virtually, consider recording the meeting. Check with your legal department first for any concerns, notices, or prohibitions that may impact your recording the session.

    Remember, this is not a sales call, and it is not a social activity. Innovation discussions are allowed and encouraged, but that can quickly devolve into a sales presentation. People can be friendly toward one another, but the relationship building should not overwhelm the other purposes.

    Step 3.3 – Conduct business alignment meetings (cont'd)

    Follow these additional guidelines to maximize your meetings

    More leading practices

    • Remind everyone that the conversation may include items covered by various confidentiality provisions or agreements.
    • Publish the meeting minutes on a timely basis (within 48 hours).
    • Focus on the bigger picture by looking at trends over time; get into the details only when warranted.
    • Meet internally immediately beforehand to prepare – don't go in cold. Review the agenda and the roles and responsibilities for the attendees.
    • Physical meetings are better than virtual meetings, but travel constraints, budgets, and pandemics may not allow for physical meetings.

    Final thoughts

    • When performance or the relationship is suffering, be constructive in your feedback and conversations rather than trying to assign blame; lead with the carrot rather than the stick.
    • Look for collaborative solutions whenever possible and avoid referencing the contract if possible. Communicate your willingness to help resolve outstanding issues.
    • Use inclusive language and avoid language that puts the vendor on the defensive.
    • Make sure that your meetings are not focused exclusively on the negative, but don't paint a rosy picture where one doesn't exist.
    • A vendor that is doing well should be commended. This is an important part of relationship building.

    Step 3.4 – Work the 90-day plan

    Monitor your progress and share your results

    Having a 90-day plan is a good start, but assuming the tasks on the plan will be accomplished magically or without any oversight can lead to failure. While it won't take a lot of time to work the plan, following a few basic guidelines will help ensure the 90-day plan gets results and wasn't created in vain.

    1. Measure and track your progress against the initial/current 90-day plan at least weekly; with a short timeline, any delay can have a huge impact.
    2. If adjustments are needed to any elements of the plan, understand the cause and the impact of those adjustments before making them.
    3. Make adjustments ONLY when warranted. The temptation will be to push activities and tasks further out on the timeline (or to the next 90-day plan!) when there is any sort of hiccup along the way, especially when personnel outside the VMI are involved. Hold true to the timeline whenever possible; once you start slipping, it often becomes a habit.
    4. Report on progress every week and hold people accountable for their assignments and contributions.
    5. Take the 90-day plan seriously and treat it as you would any significant project. This is part of the VMI's branding and image.

    Step 3.5 – Manage the three-year roadmap

    Keep an eye on the future since it will feed the present

    The three-year roadmap is a great planning tool, but it is not 100% reliable. There are inherent flaws and challenges. Essentially, the roadmap is a set of three "crystal balls" attempting to tell you what the future holds. The vision for year 1 may be clear, but for each subsequent year, the crystal ball becomes foggier. In addition, the timeline is constantly changing; before you know it, tomorrow becomes today and year 2 becomes year 1.

    To help navigate through the roadmap and maximize its potential, follow these principles:

    • Manage each year of the roadmap differently.
      • Review the year-1 map each quarter to update your 90-day plans (See steps 2.10 and 3.4).
      • Review the year-2 map every six months to determine if any changes are necessary. As you cycle through this, your vantage point of year 2 will be 6 months or 12 months away from the beginning of year 2, and time moves quickly.
      • Review the year-3 map annually, and determine what needs to be added, changed, or deleted. Each time you review year 3, it will be a "new" year 3 that needs to be built.
    • Analyze the impact on the proposed modifications from two perspectives: 1) What is the impact if a requested modification is made? 2) What is the impact if a requested modification is not made?
    • Validate all modifications with leadership and stakeholders before updating the three-year roadmap to ensure internal alignment.

    Step 3.6 – Develop/improve vendor relationships

    Drive better performance through better relationships

    One of the key components of a VMI is relationship management. Good relationships with your vendors provide many benefits for both parties, but they don't happen by accident. Do not assume the relationship will be good or is good merely because your organization is buying products and services from a vendor.

    In many respects, the VMI should mirror a vendor's sales organization by establishing relationships at multiple levels within the vendor organizations, not just with the salesperson or account manager. Building and maintaining relationships is hard work, but the return on investment makes it worthwhile.

    Business relationships are comprised of many components, not all of which must be present to have a great relationship. However, there are some essential components. Whether you are trying to develop, improve, or maintain a relationship with a vendor, make sure you are conscious of the following:

    • Focusing your energies on strategic vendors first and then tactical and operational vendors.
    • Being transparent and honest in your communications.
    • Continuously building trust by being responsive and honoring commitments (timely).
    • Creating a collaborative environment and build upon common ground.
    • Thanking the vendor when appropriate.
    • Resolving disputes early, avoiding the "blame game", and being objective when there are disagreements.

    Phase 4 - Review

    Keep your VMI up to date and running smoothly

    Phase 1

    Phase 2Phase 3Phase 4

    1.1 Mission Statement and Goals

    1.2 Scope

    1.3 Strengths and Obstacles

    1.4 Roles and Responsibilities

    2.1 Classification Model

    2.2 Risk Assessment Tool

    2.3 Scorecards and Feedback

    2.4 Business Alignment Meeting Agenda

    2.5 Relationship Alignment Document

    2.6 Vendor Orientation

    2.7 3-Year Roadmap

    2.8 90-Day Plan

    2.9 Quick Wins

    2.10 Reports

    3.1 Classify Vendors

    3.2 Compile Scorecards

    3.3 Conduct Business Alignment Meetings

    3.4 Work the 90-Day Plan

    3.5 Manage the 3-Year Roadmap

    3.6 Develop/Improve Vendor Relationships

    4.1 Incorporate Leading Practices

    4.2 Leverage Lessons Learned

    4.3 Maintain Internal Alignment

    This phase will walk you through the following activity:

    • Helping the VMI identify what it should stop doing, start doing, and continue doing as it improves and matures. The main outcomes from this phase are ways to advance the VMI and maintain internal alignment.

    This phase involves the following participants:

    • VMI team
    • Applicable stakeholders and executives
    • Others as needed

    Vendor Management Initiative Basics for the Small/Medium Businesses

    Phase 4 – Review

    Keep your VMI up to date and running smoothly

    As the adage says, "The only thing constant in life is change." This is particularly true for your VMI. It will continue to mature, people inside and outside of the VMI will change, resources will expand or contract from year to year, your vendor base will change. As a result, your VMI needs the equivalent of a physical every year. In place of bloodwork, x-rays, and the other paces your physician may put you through, you'll assess compliance with your policies and procedures, incorporate leading practices, leverage lessons learned, maintain internal alignment, and update governances.

    Be thorough in your actions during this Phase to get the most out of it. It requires more than the equivalent of gauging a person's health by taking their temperature, measuring their blood pressure, and determining their body mass index. Keeping your VMI up-to-date and running smoothly takes hard work.

    Some of the items presented in this Phase require an annual review; others may require quarterly review or timely review (i.e. when things are top of mind and current). For example, collecting lessons learned should happen on a timely basis rather than annually, and classifying your vendors should occur annually rather than every time a new vendor enters the fold.

    Ultimately, the goal is to improve over time and stay aligned with other areas internally. This won't happen by accident. Being proactive in the review of your VMI further reinforces the nature of the VMI itself – proactive vendor management, not reactive!

    Step 4.1 – Incorporate leading practices

    Identify and evaluate what external VMIs are doing

    The VMI's world is constantly shifting and evolving. Some changes will take place slowly, while others will occur quickly. Think about how quickly the cloud environment has changed over the past five years versus the 15 years before that; or think about issues that have popped up and instantly altered the landscape (we're looking at you COVID and ransomware). As a result, the VMI needs to keep pace, and one of the best ways to do that is to incorporate leading practices.

    At a high level, a leading practice is a way of doing something that is better at producing a particular outcome or result or performing a task or activity than other ways of proceeding. The leading practice can be based on methodologies, tools, processes, procedures, and other items. Leading practices change periodically due to innovation, new ways of thinking, research, and other factors. Consequently, a leading practice is to identify and evaluate leading practices each year.

    Step 4.1 – Incorporate leading practices (cont'd)

    Update your VMI based on your research

    • A simple approach for incorporating leading practices into your regular review process is set out below:
    • Research:
      • What other VMIs in your industry are doing.
      • What other VMIs outside your industry are doing.
      • Vendor management in general.
    • Based on your results, list specific leading practices others are doing that would improve your VMI (be specific – e.g. other VMIs are incorporating risk into their classification process).
    • Evaluate your list to determine which of these potential changes fit or could be modified to fit your culture and environment.
    • Recommend the proposed changes to leadership (with a short business case or explanation/justification, as needed) and gain approval.

    Remember: Leading practices or best practices may not be what is best for you. In some instances, you will have to modify them to fit in your culture and environment; in other instances, you will elect not to implement them at all (in any form).

    Step 4.2 – Leverage lessons learned

    Tap into the collective wisdom and experience of your team members

    There are many ways to keep your VMI running smoothly, and creating a lessons learned library is a great complement to the other ways covered in this Phase 4 - Review. By tapping into the collective wisdom of the team and creating a safe feedback loop, the VMI gains the following benefits:

    • Documented institutional wisdom and knowledge normally found only in the team members' brains.
    • The ability for one team member to gain insights and avoid mistakes without having to duplicate the events leading to the insights or mistakes.
    • Improved methodologies, tools, processes, procedures, skills, and relationships.

    Many of the processes raised in this Phase can be performed annually, but a lessons learned library works best when the information is deposited in a timely manner. How you choose to set up your lessons learned process will depend on the tools you select and your culture. You may want to have regular input meetings to share the lessons as they are being deposited, or you may require team members to deposit lessons learned on a regular basis (within a week after they happen, monthly, or quarterly). Waiting too long can lead to vague or lost memories and specifics; timeliness of the deposits is a crucial element.

    Step 4.2 – Leverage lessons learned (cont'd)

    Create a library to share valuable information across the team

    Lessons learned are not confined to identifying mistakes or dissecting bad outcomes. You want to reinforce good outcomes, as well. When an opportunity for a lessons-learned deposit arises, identify the following basic elements:

    • A brief description of the situation and outcome.
    • What went well (if anything) and why did it go well?
    • What didn't go well (if anything) and why didn't it go well?
    • What would/could you do differently next time?
    • A synopsis of the lesson(s) learned.

    Info-Tech Insights

    The lessons learned library needs to be maintained. Irrelevant material needs to be culled periodically, and older or duplicate material may need to be archived.

    the lessons learned process should be blameless. The goal is to share insightful information, not to reward or punish people based on outcomes or results.

    Step 4.3 – Maintain internal alignment

    Review the plans of other internal areas to stay in sync

    Maintaining internal alignment is essential for the ongoing success of the VMI. Over time, it is easy to lose sight of the fact that the VMI does not operate in a vacuum; it is an integral component of a larger organization whose parts must work well together to function optimally. Focusing annually on the VMI's alignment within the enterprise helps reduce any breakdowns that could derail the organization.

    To ensure internal alignment:

    • Review the key components of the applicable materials from Phase 1 - Plan and Phase 2 - Build with the appropriate members of the leadership team (e.g. executives, sponsors, and stakeholders). Not every item from those Phases and Steps needs to be reviewed but err on the side of caution for the first set of alignment discussions, and be prepared to review each item. You can gauge the audience's interest on each topic and move quickly when necessary or dive deeper when needed. Identify potential changes required to maintain alignment.
    • Review the strategic plans (e.g. 1-, 3-, and 5- year plans) for various portions of the organization if you have access to them or gather insights if you don't have access.
      • If the VMI is under the IT umbrella, review the strategic plans for IT and its departments.
      • Review the strategic plans for the areas the VMI works with (e.g. Procurement, Business Units).
      • The organization itself.
    • Create and vet a list of modifications to the VMI and obtain approval.
    • Develop a plan for making the necessary changes.

    Summary of Accomplishment

    Problem solved

    Vendor management is a broad, often overwhelming, comprehensive spectrum that encompasses many disciplines. By now, you should have a great idea of what vendor management can or will look like in your organization. Focus on the basics first: Why does the VMI exist and what does it hope to achieve? What is it's scope? What are the strengths you can leverage, and what obstacles must you manage? How will the VMI work with others? From there, the spectrum of vendor management will begin to clarify and narrow.

    Leverage the tools and templates from this blueprint and adapt them to your needs. They will help you concentrate your energies in the right areas and on the right vendors to maximize the return on your organization's investment in the VMI of time, money, personnel, and other resources. You may have to lead by example internally and with your vendors at first, but they will eventually join you on your path if you stay true to your course.

    At the heart of a good VMI is the relationship component. Don't overlook its value in helping you achieve your vendor management goals. The VMI does not operate in a vacuum, and relationships (internal and external) will be critical.

    Lastly, seek continual improvement from the VMI and from your vendors. Both parties should be held accountable, and both parties should work together to get better. Be proactive in your efforts, and you, the VMI, and the organization will be rewarded.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech Workshop

    Contact your account representative for more information

    workshops@infotech.com
    1-888-670-8889

    Related Info-Tech Research

    Prepare for Negotiations More Effectively
    Don't leave negotiation preparations and outcomes to chance. Learn how to prepare for negotiations more effectively and improve your results.

    Understand Common IT Contract Provisions to Negotiate More Effectively
    Info-Tech's guidance and insights will help you navigate the complex process of contract review and identify the key details necessary to maximize the protections for your organization.

    Capture and Market the ROI of Your VMO
    Calculating the impact or value of a vendor management office (VMO) can be difficult without the right framework and tools. Let Info-Tech's tools and templates help you account for the contributions made by your VMO.

    Bibliography

    Slide 5 – ISG Index 4Q 2021, Information Services Group, Inc., 2022.

    Slide 6 – ISG Index 4Q 2021, Information Services Group, Inc., 2022.

    Slide 7 – Geller & Company. "World-Class Procurement — Increasing Profitability and Quality." Spend Matters. 2003. Web. Accessed 4 Mar. 2019.

    Slide 26 – Guth, Stephen. The Vendor Management Office: Unleashing the Power of Strategic Sourcing. Lulu.com, 2007. Print. Protiviti. Enterprise Risk Management. Web. 16 Feb. 2017.

    Slide 34 – "Why Do We Perform Better When Someone Has High Expectations of Us?" The Decision Lab. Accessed January 31, 2022.

    Slide 56 - Top 10 Tips for Creating Compelling Reports," October 11, 2019, Design Eclectic. Accessed March 29, 2022.

    Slide 56 – "Six Tips for Making a Quality Report Appealing and Easy To Skim," Agency for Health Research and Quality. Accessed March 29, 2022.

    Slide 56 –Tucker, Davis. Marketing Reporting: Tips to Create Compelling Reports, March 28, 2020, 60 Second Marketer. Accessed March 29, 2022.

    IT Organizational Design

    • Buy Link or Shortcode: {j2store}32|cart{/j2store}
    • Related Products: {j2store}32|crosssells{/j2store}
    • member rating overall impact (scale of 10): 9.1/10
    • member rating average dollars saved: $83,392
    • member rating average days saved: 21
    • Parent Category Name: People and Resources
    • Parent Category Link: /people-and-resources

    The challenge

    • IT can ensure full business alignment through an organizational redesign.
    • Finding the best approach for your company is difficult due to many frameworks and competing priorities.
    • External competitive influences and technological trends exacerbate this.

    Our advice

    Insight

    • Your structure is the critical enabler of your strategic direction. Structure dictates how people work together and how they can fill in their roles to create the desired business value. 
    • Constant change is killing for an organization. You need to adapt, but you need a stable baseline and make sure the change is in line with the overall strategy and company context.
    • A redesign is only successful if it really happens. Shifting people into new positions is not enough to implement a redesign. 

    Impact and results 

    • Define your redesign principles. They will act as a manifesto to your change. It also provides for a checklist, ensuring that the structure does not deviate from the business strategy.
    • Visualize the new design with a customized operating model for your company. It must demonstrate how IT creates value and supports the business value creation chains.
    • Define the future-state roles, functions, and responsibilities to enable your IT department to support the business effectively.

    The roadmap

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    Get started

    Our concise executive brief explains to you the challenges associated with the organizational redesign. We'll show you our methodology and the ways we can help you in completing this.

    Define your organizational design principles and select your operating model

    The design principles will govern your organizational redesign; Align the principles with your business strategy.

    • Redesign Your IT Organizational Structure – Phase 1: Craft Organizational Design Principles and Select an IT Operating Model (ppt)
    • Organizational Design Communications Deck (ppt)

    Customize the selected IT operating model to your company

    Your operating model must account for the company's nuances and culture.

    • Redesign Your IT Organizational Structure – Phase 2: Customize the IT Operating Model (ppt)
    • Operating Models and Capability Definition List (ppt)

    Design the target-state of your IT organizational structure

    Go from an operating model to the structure fit for your company.

    • Redesign Your IT Organizational Structure – Phase 3: Architect the Target-State IT Organizational Structure (ppt)
    • Organizational Design Capability RACI Chart (xls)
    • Work Unit Reference Structures (Visio)
    • Work Unit Reference Structures (pdf)

    Communicate the benefits of the new structure

    Change does not come easy. People will be anxious. Craft your communications to address critical concerns and obtain buy-in from the organization. If the reorganization will be painful, be up-front on that, and limit the time in which people are uncertain.

    • Redesign Your IT Organizational Structure – Phase 4: Communicate the Benefits of the New Organizational Structure (ppt)

     

    Manage Service Catalogs

    • Buy Link or Shortcode: {j2store}44|cart{/j2store}
    • Related Products: {j2store}44|crosssells{/j2store}
    • member rating overall impact (scale of 10): 9.0/10
    • member rating average dollars saved: $3,956
    • member rating average days saved: 24
    • Parent Category Name: Service Planning and Architecture
    • Parent Category Link: /service-planning-and-architecture

    The challenge

    • Your business users may not be aware of the full scope of your services.
    • Typically service information is written in technical jargon. For business users, this means that the information will be tough to understand.
    • Without a service catalog, you have no agreement o what is available, so business will assume that everything is.

    Our advice

    Insight

    • Define your services from a user's or customer perspective.
      • When your service catalog contains too much information that does not apply to most users, they will not use it.
    • Separate the line-of-business services from enterprise services. It simplifies your documentation process and makes the service catalog more comfortable to use.

    Impact and results 

    • Our approach helps you organize your service catalog in a business-friendly way while keeping it manageable for IT.
    • And manageable also means that your service catalog remains a living document. You can update your service records easily.
    • Your service catalog forms a visible bridge between IT and the business. Improve IT's perception by communicating the benefits of the service catalog.

    The roadmap

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    Get started

    Our concise executive brief shows you why building a service catalog is a good idea for your company. We'll show you our methodology and the ways we can help you in handling this.

    Minimize the risks from attrition through an effective knowledge transfer process.

    Launch the initiative

    Our launch phase will walk you through the charter template, build help a balanced team, create your change message and communication plan to obtain buy-in from all your organization's stakeholders.

    • Design & Build a User-Facing Service Catalog – Phase 1: Launch the Project (ppt)
    • Service Catalog Project Charter (doc)

    Identify and define the enterprise services

    Group enterprise services which you offer to everyone in the company, logically together.

    • Design & Build a User-Facing Service Catalog – Phase 2: Identify and Define Enterprise Services (ppt)
    • Sample Enterprise Services (ppt)

    Identify and define your line-of-business (LOB) services

    These services apply only to one business line. Other business users should not see them in the catalog.

    • Design & Build a User-Facing Service Catalog – Phase 3: Identify and Define Line of Business Services (ppt)
    • Sample LOB Services – Industry Specific (ppt)
    • Sample LOB Services – Functional Group (ppt)

    Complete your services definition chart

    Complete this chart to allow the business to pick what services to include in the service catalog. It also allows you to extend the catalog with technical services by including IT-facing services. Of course, separated-out only for IT.

    • Design & Build a User-Facing Service Catalog – Phase 4: Complete Service Definitions (ppt)
    • Services Definition Chart (xls)

    Implement the Next-Generation IT Operating Model

    • Buy Link or Shortcode: {j2store}85|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: IT Strategy
    • Parent Category Link: /it-strategy

    IT is being challenged to change how it operates to better support evolving organizations by:

    • Considering the needs of customers, end users, and organizational stakeholders simultaneously.
    • Leveraging resources strategically to support the various IT and digital services being offered.
    • Creating a digital services enablement office that can design, monitor, and continuously enhance services.

    Our Advice

    Critical Insight

    • The role of IT is changing, and with that, how IT needs to operate to deliver value is also changing. Don’t get left behind with an irrelevant IT operating model.
    • Elevate your reputation as a leader beyond the CIO role. Mature your organization’s digital services by considering the customer experience first.
    • As recessions, disasters, and pandemics hit, don’t adopt old ways of operating with 2008 centralized models. Embrace a hybrid IT where value sets your organization apart.

    Impact and Result

    • Embrace the Exponential IT Operating Model so you can:
      • Say “yes” to stakeholders trying to provide a better experience for customers and consumers.
      • Leverage data more effectively across your organization.
      • Consider how to integrate and deliver services using resources effectively and strategically.

    Implement the Next-Generation IT Operating Model Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Implement the Next-Generation IT Operating Model Deck – The next generation operating model for organizations embracing exponential IT.

    This research piece is for any IT leaders looking to support the organization in its post-transformation state by focusing on the customer experience when operating. CIOs struggling with outdated IT operating models can demonstrate true partnership with this digital services next-generation IT operating model.

    • Implement the Next-Generation IT Operating Model Storyboard

    2. Exponential IT Operating Model Readiness Assessment – A tool to assess your organization’s readiness to adopt this next generation of IT operating models.

    Use this tool to determine whether your organization has the fundamental components necessary to support the adoption of an Exponential IT operating model.

    • Exponential IT Operating Model Readiness Assessment

    3. Career Vision Roadmap Tool – A template to create a simple visual roadmap of your desired career progression from CIO to chief digital services officer (CDSO).

    Use this template to create a roadmap on how to transform your career from CIO to CDSO leveraging key strengths and relationships. Focus on opportunities to demonstrate IT’s maturity and the customer experience at the forefront of your decisions.

    • Career Vision Roadmap
    [infographic]

    Further reading

    Implement the Next-Generation IT Operating Model

    The operating model for organizations embracing Exponential IT and transforming into technology-first enterprises.

    Analyst Perspective

    Be the organization that can thrive in an exponential IT world.

    A picture of Carlene McCubbin A picture of Brittany Lutes

    Carlene McCubbin
    Research Practice Lead
    CIO Organizational
    Transformation Practice
    Info-Tech Research Group

    Brittany Lutes
    Research Director,
    CIO Organization Transformation Practice
    Info-Tech Research Group

    IT leaders are increasingly expected to be responsible for understanding and delivering high-value customer experiences. This evolution depends on the distribution and oversight of IT capabilities that are embedded throughout the organizational structure.

    Defining digital strategic objectives, establishing governance frameworks for an autonomous culture, and enabling the organization to act on insightful data are all impossible without a new way of operating that involves the oversight and accountability of advancing IT roles. Through exponential change, functional groups can lose clarity regarding their responsibilities, creating a sense of ambiguity and disorder.

    But adopting a new way of working that supports an exponential IT organization does not have to be difficult. Leveraging Info-Tech Research Group's next-generation operating model, you can clearly demonstrate how the organization will collaborate to deliver on the various digital and IT services. This is no longer just an IT operating model, but a technology-first enterprise model.

    Included in this blueprint:

    Exponential IT Model

    Defines how the Exponential IT model operates and delivers value to the organization.
    This is done by exploring:

    • Exponential IT cultural norms and behaviors
    • Opportunities and risks of the Exponential IT model
    • A breakdown of the embedded, integrated, and centralized aspects of the model
    • Operating model value stream stages
    • An assessment on whether the Exponential IT operating model is right for your organization

    Changing Role of IT Leader

    Defines how chief information officers (CIOs) can operate or elevate their role in this changing operating model.

    • Identifies why the C-suite is changing – again
    • How IT leaders should consider where they will add value in the new operating model
    • Outlines examples of future organization-wide structures and where IT roles are positioned
    • Supports IT leaders in developing themselves to operate in this structure

    Executive Summary

    Your Challenge

    IT is challenged to change how it operates to better support evolving organizations. IT must:

    • Consider the needs of customers, end users, and organization stakeholders simultaneously.
    • Leverage resources strategically to support the various IT and digital services being offered.
    • Create a digital services enablement office to design, monitor, and enhance services continuously.

    While many organizations have projects that support a digital strategy, few have an operating model that supports this digital services strategy.

    Common Obstacles

    Organizations struggle to support the definition and ongoing maintenance of services because:

    • The organization's Digital and IT services offerings are not clear.
    • The functional team accountable to deliver on each IT or Digital service is ambiguous.
    • There are insufficient resources to support all the IT and Digital services being offered.
    • C-suite leaders required to support the services are missing or in the wrong role to effectively lead.
    • Technology has not been standardized to ensure consistency and effectiveness.

    Info-Tech's Approach

    Embrace the IT operating model that focuses on the enablement and delivery of Digital and IT services by:

    • Having technology stakeholders actively collaborate to decide on priorities and deliver on objectives.
    • Leveraging data more effectively across the organization to understand and meet user needs.
    • Ensuring technology architecture and security standards are well-established and followed by all throughout the organization.
    • Allocating dedicated and skilled resources to ensure services can be continuously delivered.

    Info-Tech Insight

    The first IT operating model where customer engagement with IT and Digital Services is at the forefront.

    What is an operating model?

    An IT operating model is a visual representation of the way your IT organization will function using a clear and coherent blueprint. This visualization demonstrates how capabilities are organized and aligned to deliver on the business mission and strategic and technological objectives.

    The should visualize the optimization and alignment of the IT organization to deliver the capabilities required to achieve business goals. Additionally, it should demonstrate the workflow so key stakeholders can understand where inputs flow in and outputs flow out of the IT organization. Investing time in the front-end to get the operating model right is critical. This will give you a framework to rationalize future organizational changes, allowing you to be more iterative and your model to change as the business changes.

    An image of a sample Operating Model


    From computerization to digitization to the new frontier in autonomization, IT has progressively matured, enabling it to actively lead this next stage of business transformation.

    EXPONENTIAL RISK
    Autonomous processes will integrate with human-led processes, creating risks to business continuity, information security, and quality of delivery. Supplier power will exacerbate business risks.

    EXPONENTIAL REWARD
    The efficiency gains and new value chains created through artificial intelligence (AI), robotics, and additive manufacturing will be very significant. Most of this value will be realized through the augmentation of human labor.

    EXPONENTIAL DEMAND
    Autonomous solutions for productivity and back-office applications will eventually become commoditized and provided by a handful of large vendors. There will, however, be a proliferation of in-house algorithms and workflows to autonomize the middle and front office, offered by a busy landscape of industry-centric capability vendors.

    EXPONENTIAL IT

    Exponential IT involves IT leading the cognitive re-engineering of the organization with evolved practices for:

    • IT governance
    • Asset management
    • Vendor management
    • Data management
    • Business continuity management
    • Information security management

    To learn more about IT's journey into autonomization, check out Info-Tech Research Group's Adopt an Exponential IT Mindset blueprint.

    The IT operating model must evolve to respond to exponential change

    • Ensuring customers are not an afterthought to IT leaders. Customers inform how and where IT leaders invest resources to realize organizational objectives.
    • Adopting a formalized approach to service definition and delivery to eliminate silos.
    • Leveraging data throughout the organization to better inform and enable the various digital services in meeting customer demands.
    • Responding to employee demands for development and training opportunities by applying skills in new settings.
    • Having cross-collaboration mechanisms built into the ways of operating to reduce silos across the organization.
    • Enabling services through a strong set of governance and risk mandates and practices.
    • Eliminating the need for IT capabilities to only be within an IT department.

    IT can no longer be just a service provider:

    78% of IT leaders with established digital strategies and 45% of IT leaders with emerging digital strategies are driven by customer experiences.
    Source: Foundry "Digital Business Study,"2023

    40% - The number of CIOs that are responsible for creating new products or services to support revenue generation.
    Source: Foundry, "The State of the CIO," 2023

    This change requires a breakdown of traditional IT-business divisions

    CIOs must recognize that separating IT from the business is restrictive

    • Many organizations have recently completed or are in the process of completing a digital transformation focused on enhanced employee and customer experiences.
    • Post-transformation organizations must change how they operate to continue to deliver on those enhanced experiences, especially for the customer.
    • There must no longer be a wall between IT and the business, but a unified organization offering digital services that include IT components. Already, 81% of work is being performed across the functional boundaries created in an organization (Deloitte, 2023).
    • Effectively designing, delivering, and maintaining these services depends on a Digital Services functional layer, expanding IT's involvement into how the business delivers worthwhile experiences to customers.
    • This Digital Services functional layer will consider whether the new services are better owned by the IT group or another area of the organization.
    • CIOs need to be prepared to adopt a new way of operating or be left to manage a smaller subset of IT functions.

    "I think we've done the IT industry a disservice by constantly referring to IT and the business, artificially creating this wedge."
    – David Vidoni, VP of IT at Pegasystems
    Source: Dan Roberts, CIO, 2023

    Four trends driving an Exponential IT organization include:

    Emerging Technologies

    • 67% of respondents to KPMG's 2022 Global Tech Survey indicated they intend to embrace emerging platforms by the end of 2024.(1)
    • The technology landscape is constantly shifting with artificial intelligence (AI), quantum computing, 5G cellular networks, and next-generation robotics. Each of these technologies requires new capabilities and a new way in which those capabilities are organized.

    Enhanced Customer Experiences

    • 24% of CIOs have been tasked by their CEO to increase the customer experience.(3)
    • Organizations realize that to gain and retain customers, it has become necessary to consistently evaluate service offerings and identify opportunities for enhancement or new services.

    Digital Trust

    • 1/3 of CISOs plan to increase their GRC focus during the next year and 36% have already begun to implement Zero Trust components.(2)
    • Risk and security capabilities mature focusing on defined enterprise accountability, consideration of ethics and inclusivity and proactive security controls.

    Embedded Technology & Skills

    • Spending on embedded software is expected to increase to $21.5 billion by 2027.(4)
    • The technology strategy no longer resides solely within IT. The organization must take ownership of this strategy while they define their digital strategies. Technology services are also embedded.

    (1) "Global Tech Survey," KPMG, 2022
    (2) "Global Digital Trust Insights Report," PwC, 2023
    (3) "State of IT Report," Foundry, 2023
    (4) "Global surge in embedded software demand; here is why," DAC Digital, 2023

    Application of the Four Key Trends on your Exponential IT operating model:

    Respond to Emerging Technology In response to changing customer demands, organizations need to actively seek, assess, and integrate emerging technology offerings easily and effectively. By governing data at an enterprise level and implementing the necessary guardrails in the form of architecture and security standards at the technology layer, it becomes easier to adopt new technologies such as artificial intelligence (AI). This should be tied to any mandated objectives.
    Build Digital Trust Capabilities Finding and hiring the right security professionals has long been a challenge for organizations. In the Exponential IT model, focus on security oversight increases and fewer operational resources are required. The model sees governing IT security processes and vendor delivery as priorities to enable the right technology without exposing the organization to undue risk. There should be more security-related capabilities in your Exponential IT model.
    Elevate the Customer Experience Evolving the organization's digital offering requires understanding of and active response to the changing demands of customers. This is accomplished by leveraging information from organization-wide data sources and the modular components of the organization's current digital offerings. The components can be reconfigured (or new ones added) to create digital services for the customer.
    Formalize Embedded Business Technology & Roles Technology is actively included in the organization's business (digital) strategy. This ensures that technology remains an embedded component of how the organization competes in the market, supplies invaluable services, and delivers on strategic objectives. The separation of IT from the organization becomes redundant.
    Visualize your IT Operating Model.

    Adopting an Exponential IT operating model is typically influenced by resonating with the following drivers:

    Culture

    IT Strategy & Objectives

    Organization Operating Model

    Organization Size & Structure

    Perception of IT

    Risk Appetite

    A cooperative and innovative culture where the organization does not feel constrained by current processes. Establishing a growth mindset across all the organization's groups is reflected by the trust service owners receive.

    Focused on delivering the best customer experience. The roadmap would include ample opportunities to better support the customer in obtaining or exceeding the degree of value they receive from the organization.

    Empowering service owners across the organization to be accountable for the delivery and value of their services. Lots of collaboration among stakeholders who know what services are offered and how those services leverage technology.

    More appropriate for larger organizations due to the resources required to design and enable successful services. IT resources would also be pooled by skills.

    IT is not a service provider but an equal that enables the organization's success. Without IT involvement, digital services may be omitted and opportunities to enhance the customer experience would be missed.

    While innovation and new service offerings are critical to success, there are functional groups that remain focused on defining the level of risk tolerance that supports the appropriate risk appetite to consider new service offerings.

    Section 1: The Next-Generation Operating Model

    The Technology Value Trinity

    Delivery of Business Value & Strategic Needs

    I&T OPERATING MODEL

    DIGITAL & TECHNOLOGY STRATEGY

    I&T GOVERNANCE

    The model for how IT is organized to deliver on business needs and strategies.

    The identification of objectives and initiatives necessary to achieve business goals.

    Ensures the organization and its customers extract maximum value from the use of information and technology.

    All three elements of the Technology Value Trinity work together to deliver business value and achieve strategic needs. As one changes, the others must change as well.
    How do these three elements relate?

    • I&T Operating Model aligns resources, processes, measures, stakeholders, value streams, and decision rights to enable the delivery of your strategy and priorities. This is done by strategically structuring IT capabilities in a way that enables the organization's vision and considers the context in which the model will operate.
    • Digital and IT Strategy tells you what you must achieve to be successful. For an Exponential IT organization, customer demands and digital service offerings would drive strategic decisions.
    • I&T Governance is the confirmation of IT's goals and strategy, which ensures the alignment of IT and business strategy. This is the mechanism by which you continuously prioritize work so that what is delivered aligns with the strategy.

    Strategy, operating models, and governance are too often considered separate practices – strategies are defined without clarity on how to support. A significant change to your strategy necessitates a change to your operating model, which in turn necessitates a change to your governance and organizational structure.

    The Exponential IT operating model delivers value across seven components

    Exponential IT

    Capabilities

    Products, Services and Technology

    Performance Measures

    Stakeholder Engagement & Collaboration

    Decision Rights & Authority

    Value Streams

    Sourcing

    IT capabilities in the Exponential IT model are spread across the organization. The result removes the separation between IT and the organization. Instead, the organization takes accountability for ensuring technology capabilities are delivered.

    Digital service offerings dominate this model, focusing on providing better experiences for customers. Some technology platforms are specific to a service such as access management, while others span service offerings such as architecture or security.

    This model's success is measured by the overall ability to satisfy the customer experience through designing and delivering the right digital service offerings. Service owners are responsible for continuously monitoring and advancing the delivery of the service.

    The end-customer is the main stakeholder for this operating model, where understanding their needs and demands informs the design, maintenance, and improvement of all services. There is no longer IT vs. the business but an organizational perspective of services.

    This model's decision-making spans the organization. The service owners of digital offerings have authority and autonomy deciding which services to design, how they should be integrated with other services, and how those services will continually deliver value to customers.

    Exponential IT's five core value streams are:

    1. Identifying and prioritizing customer needs
    2. Designing IT and Digital Services
    3. Enabling IT & Digital Service success
    4. Assigning skilled employees to deliver services
    5. Owning & managing services

    Internal resource pools might need to be supplemented with contract resources when demand exceeds capacity, requiring a strong partnership with the Vendor Management Team. Service owners will also need to engage and manage the performance of their vendor solution partners.

    Organizations adopting the Exponential IT Model will experience new norms and behaviors

    Customer-Centric
    Dedicated to the customer experience and making sure that the end customer is considered first and foremost.

    "Yes" Approach
    The organization can say yes to emerging technology and customer desires because it has organized itself to be agile in its digital service offerings.

    Digital Service Ownership
    Digital service offerings are owned and managed across the organization ensuring the continuous delivery of value to customers.

    Employee Development
    Resources are organized into pods based on specific skills or functions increasing the likelihood of adopting new skills.

    Autonomization
    Centralized and accessible data provides service owners autonomy when making informed decisions that support enhanced customer experiences.

    Exponential IT is an embedded model approach

    Info-Tech has identified seven common IT operating model archetypes. Each model represents a different approach to who delivers technology services and how. Each model is designed to drive different outcomes, as the way your organization is structured will dictate the way it behaves. The Exponential IT model is an emerging archetype which capitalizes on embedded delivery.

    An image of the exponential IT embedded model approach.

    Centralized

    Shifted

    Embedded

    Owned and operated by leadership within IT. IT takes full responsibility of the functional areas and maintains control over the outcomes.

    Can be owned/operated by a variety of leadership roles throughout the organization. This can shift from IT ownership to other organizational leadership. Decisions about ownership are often made to enable quick response or mitigate risks.

    Owned/operated by leadership outside of traditional IT. Another area of the organization has taken authoritative power over the outcome of this functional area for a quicker response.

    Even as an embedded IT operating model, shifted and centralized IT functions as support

    1. Embedded functions required for scaled autonomation
      Definition and oversight of the organization's strategic direction demonstrated through a customer-first culture, data insights, and a well-defined risk appetite.
    2. Integrated design and optimization of the digital service offering
      Actively considers the customer experience and designs the appropriate services to be delivered. Considers all aspects in the design and delivery of services by exploring opportunities to integrate components to enhance customer experiences or architecting new service offerings to eliminate gaps.
    3. Centralized standards for IT technology, security & resources
      Technology functions continue to deliver exceptional services to the enterprise including clear standards for technology and solution architecture, application of security requirements, and resources to enable various service offerings.

    Opportunities and risks of the Exponential IT model

    Opportunities

    Risks
    • Focused on the end-customer experience and how to ensure that customer remains satisfied and loyal to the organization.
    • The capability center allows resources to be used strategically according to where they would most improve the customer experience.
    • Services are owned by the most appropriate areas within the organization—sometimes IT and other times not. In either case, services should always possess technological knowledge.
    • The organization's transformation strategy is not just driving IT's strategy but how IT should be organized and operating. This eliminates disconnect from larger strategic objectives.
    • Data intelligence and customer insights enable the shifted and centralized areas of the operating model to deliver effective and valuable experiences for all stakeholders.
    • Requires a high degree of maturity to support a variety of individuals in owning IT and digital capabilities.
    • Organizational buy-in to this operating model archetype is a must. IT cannot select this operating model without that support.
    • Processes around how all IT and Digital Services consider security and technology standards need to be well-documented and enforceable.
    • Depending on which leaders oversee the three areas of the model (embedded, shifted, or centralized), power struggles could occur which negatively impact services.
    • This model will demand governance, risk, and culture to be at the forefront of how it operates. If an accountability framework does not exist, expect this model to fail.

    The Exponential IT operating model blends embedded, shifted and centralized delivery to balance agility & risk

    An image of the Exponential IT Operating Model.

    The Exponential IT model commands a new placement and significance of IT capabilities

    Using capabilities for the operating model

    • Capabilities are focused on the entire system that would be in place to satisfy a particular need. This not only includes the people who are able to complete a specific task, but the technology, processes, and resources required to deliver.
    • Focusing on capabilities rather than the individuals in organizational redesign enables a more objective and holistic view of what your organization is striving toward.
    • Capabilities deliver on specific need(s) and how they are organized changes the way those needs are delivered.
    The Exponential IT principles as an image: Strategy and Governance, Financial Management, Service Planning and Architecture, People and Resources, Security and Risk, Applications, Data and Analytics, Infrastructure and Operations, and PPM and Projects.

    1. Embedded functions required for autonomization

    Overview of the function:

    • Focuses on a single strategy and roadmap for the organization that actively includes technology.
    • Governance, risk, compliance, and general oversight are defined and embedded throughout the organization.
    • Ensures that quality data is being generated to help inform the defined digital service offering.
    • Readies the organization to adopt emerging technology quickly and with minimal disruption to other digital service offerings.
    • A team of technical experts that decides what information should exist for operational efficiency or service innovation.

    Embedded functions required for autonomization

    2. Integrated design and optimization of the digital service offering

    Overview of the function:

    • Analyzes and responds to insights about the customer experience.
    • Maintains the portfolio of the organization's digital service offerings.
    • Considers what is necessary to operate efficiently as an organization while simultaneously exploring emerging technology to optimize new or existing digital services.
    • Requires the expertise and involvement of both business-minded and technology-skilled resources.
    • The differentiating factor from other IT operating models is how it holistically considers all the components throughout the organization and how they are connected.

    Integrated design and optimization of the digital service offering

    3. Centralized standards for IT technology, security & resources

    Overview of the function:

    • Compared with other IT operating model archetypes, the Exponential IT model has fewer capabilities that are centralized within the technology function of an organization.
    • Architecture and standards are the foundation of successful embedded delivery, ensuring reuse, improved integration, and a unified experience. This includes technology, risk, data, AI and security architecture, models, and standards.
    • Employee resources are also organized in pods to be leveraged based on greatest need and skills availability.
    • This lets the organization be more agile when innovating and implementing new digital service offerings.

    Centralized standards for IT technology, security & resources

    Exponential IT explores new value stream stages

    Customer Perspective

    The organization is continually anticipating their wants and needs and establishing mechanisms to vocalize those needs.

    Customer receives the right IT and digital services to respond to their needs.

    The service is easy to use and continuously responds to wants and needs.

    The service is meeting expectations or exceeding them.

    There is a dedicated service owner who can hear demands and feedback, then action desirable outcomes.

    Value Stream Stages

    An image of the Value Stream

    Organizational Perspective

    Expected Outcome

    Customers' wants and needs are understood and at times anticipated before the customer requests them.

    Assess needs to determine if service is already offered or needs to be created. Design services that will enhance the customer experience.

    Look for opportunities to integrate processes and resources to increase the performance of IT and Digital Services.

    Ensure that the right employees with the right skills are working to develop or enhance service offering.

    The service owner manages the ongoing lifecycle of the service and establishes a roadmap on how value will continue to be delivered.

    Critical Processes

    • Customer experience
    • Research and innovation
    • Stakeholder management
    • Research and innovation
    • Service design & portfolio management
    • Performance management
    • Continuous improvement
    • Integration planning
    • Service management
    • Resource planning and allocation
    • Service strategy & roadmap
    • Service governance
    • Service performance management

    Metrics

    • Customer satisfaction score
    • Service-to-need alignment
    • Gaps in service portfolio
    • Speed to design services
    • Service performance
    • Service adoption
    • Time to resolve customer demand
    • Frequency by which service requires enhancements
    • Service satisfaction
    • Alignment of service strategy to organization strategy

    1.1 Assess if the Exponential IT operating model is right for your organization

    1 hour

    1. Begin by downloading the Exponential IT Operating Model Assessment.
    2. Review the questions within each of the operating model components. For each question, use the drop-down menu to determine your level of agreement.
    3. The more your organization agrees with the statements, the more likely your organization is prepared to implement an Exponential IT operating model.
    4. The less your organization agrees with the statements, the more likely you should adopt a different IT operating model.
    5. For support implementing the Exponential IT or another IT operating model, explore the Visualize Your IT Operating Model blueprint (coming soon).

    Input

    • Desire to change the organization's IT & Digital operating model

    Output

    • Desire to implement the IT & Digital Service Enablement operating model

    Materials

    • Exponential IT Operating Model Assessment

    Participants

    • Executive IT leadership
    • Business leadership

    Explore other Info-Tech research to support your organization transformation initiatives

    Visualize the IT Operating Model blueprint (coming soon)

    Visualize the IT Operating Model blueprint (coming soon)

    Redesign Your IT Organizational Structure

    Redesign Your IT Organizational Structure

    Section 2: Elevating the CIO Role

    The next generation of IT C-suite roles are here

    As the operating model changes and becomes increasingly embedded into the organization's delivery of IT and Digital Services, new C-suite roles are being defined

    • One of the most critical roles being defined in this change is the Chief Digital Services Officer (CDSO) who focuses on all components of the digital experience from the lens of the customer.
    • There are two directions from which the CDSO role is typically approached as it gains popularity:
      • CIOs evolve beyond just information and technology—focusing on how IT & Digital Services enhance the customer experience
      • Business leaders who have technical know-how increase their involvement and responsibility over IT related functions
    • IT leaders need to consider where they would rather sit: focused only on technology and remaining a service provider to the organization, or embedding technology into the services, products, and organization in general?

    60%

    The number of APAC CIOs who can anticipate their job to be challenged by their peers within the organization.

    Source: Singh, Yashvendra, CIO, 2023.

    Info-Tech Insight

    This is not about making the CIO report to someone else but allowing the CIO to elevate their role into that of a CDSO.

    Increasing IT leadership's span of control throughout the organization

    As maturity increases so does span of control, ownership & executive influence

    Organizations hoping to fully adopt the Exponential IT operating model require a shift in leadership expectations. Notably, these leaders will have oversight and accountability for functions beyond the traditional IT group.

    As the organization matures its governance, security, and data management practices, increasing how it delivers high-impact experiences to customers, it would have one leader who owns all the components to ensure clear alignment with goals and business strategy.

    An image of a graph where the X axis is labeled Span of Control & Influence, and the Y axis is Organization Maturity.

    Emerging Exponential IT organizations will have distributed authority

    • Organizations beginning their transition toward an exponential model often continue to have distributed leaders providing oversight of distinct functional areas.
    • Their spans of control are smaller, but very clearly defined, eliminating confusion through a transparent accountability framework.
    • Each leader strives toward optimization and efficiency regarding IT capabilities, for which they are responsible.
    1. Distributed Leadership
      Embedded functions required for scaled autonomation
      Distributed leaders identify the ways technology will enable them to advance enterprise objectives while maintaining autonomy over their own functions. They may oversee technology.
    2. Experience Officer
      Integrated design and optimization of the digital service offering
      An Experience Officer will help consider the insights gained from enterprise data and make informed decisions around enterprise service offerings. They actively explore new ways to deliver high-value experiences.
    3. Chief Technology Officer (CTO)
      Centralized standards for IT technology, security & resources
      A CTO will continue to oversee the core technology, including infrastructure and service management functions.

    Established organizations will be driven by a digital transformation journey

    • Organizations that have begun to deliver on their transformation journey will typically see two distinct C-suite leaders emerge—the CIO and the CDO.
    • The Chief Digital Officer (CDO) often explores ways to optimize the integration and management of data to enable insightful decision making from the organization.
    • The Chief Information Officer (CIO), however, considers mechanisms to standardize how new technologies can be integrated with the architecture.
    • While both leaders have distinct responsibilities, their roles intersect at the customer experience.

    An image of the digital transformation journey

    Advanced organizations will be managed by a single emerging role

    • A single leader will oversee all the functional areas where value is delivered and enabled by IT capabilities.
    • Through a large span of control, this leader can holistically consider opportunities to optimize the customer experience and ensure recommendations are actioned to deliver on that enhanced experience.
    • This leader's span of control will require a strong understanding of both strategic and operational functions to authoritatively oversee all aspects for which they are responsible.

    CDSO – Chief Digital Service Officer

    1. Embedded functions required for scaled autonomation
      The CDSO will set, oversee, and manage the delivery of an enterprise's digital strategy, ensuring accountability through good governance and data practices.
    2. Integrated design and optimization of the digital service offering
      They ensure that the enterprise holistically considers the various services that could be offered to exceed customer expectations through high-impact experiences.
    3. Centralized standards for IT technology, security & resources
      They also ensure stable and secure architecture standards to enable consistency across the organization and a seamless ability to integrate new technology to support service offerings.

    Evolution of the IT C-suite now includes the CDSO

    Chief Digital Service Officer

    Chief Information Officer

    Chief Digital Officer

    Chief Technology Officer

    Chief Experience Officer

    Main Stakeholder(s):

    • Board
    • CEO/Executive Leadership
    • Organization Leadership
    • Service Owners
    • Customers & End Users

    Main Responsibilities:

    • Oversight of the entire portfolio of IT and Digital Services
    • Use of information & technology to meet organizational objectives

    *Some leaders in this role are being called Chief Digital Information Officer.

    Main Stakeholder(s):

    • Board
    • CEO/Executive Leadership
    • Organization Leadership
    • End Users

    Main Responsibilities:

    • Oversight of the information and technology required to support and enable the organization

    Main Stakeholder(s):

    • Board
    • CEO/Executive Leadership
    • Customers & End Users

    Main Responsibilities:

    • Oversight on transforming how the organization uses technology, often considering customer perspectives

    Main Stakeholder(s):

    • Organization Leadership
    • Customers & End Users

    Main Responsibilities:

    • Collaborating with the CIO, the CTO leads the organization's ability to integrate and adopt necessary technology products and services

    Main Stakeholder(s):

    • Customers & End Users

    Main Responsibilities:

    • Establish the customer experience strategy
    • Create policies to support that strategy
    • Collaborate with other organizational leaders to integrate any activities around the customer experience

    Examples of what the emerging organizational structure can look like

    An image of three hierarchies, showing what the emerging organizational structure can look like.

    This is more than a new title for IT leaders

    It's about establishing a business first perspective

    • IT leaders exploring this new way of operating are not just adopting the new title of CDSO or CDIO.
    • These leaders must change how information, technology, and digital experiences are consumed across the various stakeholders – especially the end customer.
    • IT leaders who pursue this new IT operating model choose to be more than order takers for an organization.
    • They are:
      • Partners in defining the organization's digital service offerings
      • Recognizing the benefits of distributing decision-making authority for IT-related aspects to others throughout the organization
      • Prioritizing capabilities like portfolio management, architecture, vendor management, relationship management, cloud and user experience

    "'For me, the IT portfolio for the next few years and the IT architecture have taken the place that IT strategy used to have,' he adds. This view doesn't position IT outside of the organization, but rather gives it central importance in the company."
    – Bernd Rattey, Group CIO and CDO of Deutsche Bahn (DB), qtd. by Jens Dose, CIO, 2023

    1.2 Plan your career move to CDSO

    1-3 hours

    • Create a roadmap on how to move from your current role to CDSO by identifying current strengths and opportunities to improve.
    • Download the Career Vision Roadmap Tool from the website. An example of this is on the next slide.
    • Document the tagline. This is your overarching career focus and goal – what is your passion? Think beyond titles to what you want to be doing, the atmosphere you want to be in, and what you want to add value to.
    • Document the current role: what are the strengths, achievements and opportunities?
    • Consider the CDSO role: how will you build stronger relationships and competencies to elevate your profile within the organization? What is an example of what someone would display in this role?
    • Define specific roles or stakeholders that you should develop a stronger relationship with.

    Download the Career Vision Roadmap Tool

    Input

    • Desire to implement the IT & Digital Service Enablement Operating Model

    Output

    • Roadmap to elevate from a CIO to a CDSO

    Materials

    • Career Vision Roadmap
    • IT & Digital Services Enablement operating model archetype
    • CDSO job profile

    Participants

    • CIO (or any other role aspiring to eventually become a CDSO)
    • Individual activity

    Career Vision Roadmap:
    Executive Leader
    Akbar K.

    Sample

    To provide customers with an exceptional experience by ensuring all IT and Digital Services consider and anticipate their needs or wants. Enable IT and Digital Services to be successful through clear leadership, strong collaboration, and continuous improvement or innovation.

    CIO

    1. Establish technology standards that enable the organization to consistently and securely integrate platforms or solutions.
    2. Lead the project team that defined and standardized the organization's reference architecture.
    3. Need to work on listening to a variety of stakeholder demands rather than only specific roles/titles.

    Transition

    • Strengths: Technology acumen, budget planning, allocating resources
    • Enhance: Stakeholder relationship management.
    • Work with current CDO to define and implement more digital transformation initiatives.

    CDSO

    • Being responsive to customer expectations and communicating clear and realistic timelines.
    • Establish trust among the organization that services will deliver expected value.
    • Empowering service owners to manage and oversee the delivery of their services.

    Network Opportunities

    • Connect with board members and understand each of their key areas of priority.
    • Begin to interact with end customers and define ways that will enhance their customer experience.
    • Chief Digital Officer

    Actions now in line with aspiration

    Appendix: Capabilities & Capability Model

    IT and digital capabilities

    Using capabilities for the operating model:

    • Capabilities are focused on the entire system that would be in place to satisfy a particular need. This not only includes people who have skills to complete a specific task, but also the technology, processes, and resources required to deliver.
    • Focusing on capabilities rather than the individuals in organizational redesign enables a more objective and holistic view of what your organization is striving toward.
    • Capabilities deliver on specific need(s) and how they are organized changes the way those need(s) are delivered.

    An image of the IT Management and Governance Framework.

    Strategic Direction

    • IT Governance
    • Strategic Planning
    • Digital Strategy
    • Performance Measurement
    • IT Management & Policies
    • Organizational Quality Management
    • R&D and Innovation
    • Stakeholder Management

    People & Resources

    • Strategic Communications
    • People Resource Management
    • Workforce Strategy & Planning
    • Organizational Change Enablement
    • Adoption & Training
    • Financial/Budget Management
    • Vendor Portfolio Management
    • Vendor Selection & Contract Management
    • Vendor Performance Management

    Architecture & Integration

    • Enterprise Architecture Delivery
    • Business Architecture Delivery
    • Solution Architecture Delivery
    • Technology Architecture
    • Data Architecture
    • Security Architecture
    • Process Integration
    • Integration Planning

    Service Planning

    • Service Governance
    • Service Strategy & Roadmap
    • Service Management
    • Service Governance
    • Service Performance Measurement
    • Service Design & Planning
    • Service Orchestration

    Security & Risk

    • Security Strategic Planning
    • Risk Management
    • External Compliance Management
    • Security Response & Recovery Management
    • Security Management
    • Controls & Internal Audit Planning
    • Security Defense Operations
    • Security Administration
    • Cybersecurity Threat Intelligence
    • Integrated Physical/IT Security
    • OT/IoT Security
    • Data Protection & Privacy

    Application Delivery

    • Application Lifecycle Management
    • Systems Integration Management
    • Application Development
    • User Experience
    • Quality Assurance & UAT
    • Application Maintenance
    • Low Code Development

    Project Portfolio Management

    • Demand Management
    • Requirement Analysis Management
    • Portfolio Management
    • Project Management

    Data & Business Intelligence (BI)

    • Reporting & Analytics
    • Data Management
    • Data Quality
    • Data Integration
    • Enterprise Content Management
    • Data Governance
    • Data Strategy
    • AI/ML Management

    Service Delivery

    • Operations Management
    • Service Desk Management
    • Incident Management
    • Problem Management
    • Service Enhancements
    • Operational Change Enablement
    • Release Management
    • Automation Management

    Infrastructure & Operations

    • Asset Management
    • Infrastructure Portfolio Strategic Planning
    • Availability & Capacity Management
    • Network & Infrastructure Management
    • Configuration Management
    • Cloud Orchestration
    An image of the summary slide for this blueprint, with the headings: Centralized; Shifted; and Embedded.

    Research Contributors and Experts

    Donna Bales
    Principal Research Director
    Info-Tech Research Group

    Scott Bickley
    Practice Lead – Vendor Management Practice
    Info-Tech Research Group

    Christine Coz
    Executive Counselor – Executive Services
    Info-Tech Research Group

    Valence Howden
    Principal Research Director
    Info-Tech Research Group

    Duraid Ibrahim
    Executive Counselor – Executive Services
    Info-Tech Research Group

    Chris Goodhue
    Managing Partner– Executive Services
    Info-Tech Research Group

    Carlene McCubbin
    Practice Lead – CIO Practice
    Info-Tech Research Group

    Mike Tweedie
    Practice Lead – CIO Practice
    Info-Tech Research Group

    Vicki van Alphen
    Executive Counselor – Executive Services
    Info-Tech Research Group

    *Plus an additional 5 industry experts who anonymously contributed to this research piece.

    Related Info-Tech Research

    Adopt an Exponential IT Mindset

    • To succeed in the coming business transformation, IT will have to adopt different priorities in its mission, governance, capabilities, and partnerships.
    • CIOs will have to provide exceptionally mature services while owning business targets.

    Become a Transformational CIO

    • Business transformations are happening, but CIOs are often involved only when it comes time to implement change. This makes it difficult for the CIO to be perceived as an organizational leader.
    • Elevate your stature as a business leader.
    • Create a high-powered IT organization that is focused on driving lasting change, improving client experiences, and encouraging collaboration across the entire enterprise.

    Define Your Digital Business Strategy

    • Design a strategy that applies innovation to your business model, streamline and transform processes, and make use of technologies to enhance interactions with customers and employees.
    • Pre-pandemic digital strategies have been primarily focused on automation. However, your post-pandemic digital strategy must focus on driving resilience for growth opportunities.

    Bibliography

    Bennet, Trevon. "What is a Chief Experience Officer (CXO)? And what do they do?" Indeed, 14 March 2023. https://www.indeed.com/career-advice/finding-a-job/what-is-chief-experience-officer#:~:text=A%20CXO%20plans%20strategies%20and,customer%20acquisition%20and%20retention%20strategies
    Bishop, Carrie. "Five years of Digital Services in San Francisco." Medium, 20 January 2022. https://medium.com/san-francisco-digital-services/five-years-of-digital-services-in-san-francisco-805a758c2b83
    DAC Digital and Chawla, Yash. "Global surge in embedded software demand; here is why." DAC Digital, 2023 <ttps://dac.digital/global-surge-in-embedded-software-demand-here-is-why/
    Deloitte. "If you want your digital transformation to succeed, align your operating model to your strategy." Harvard Business Review, 31 January 2020. https://hbr.org/sponsored/2020/01/if-you-want-your-digital-transformation-to-succeed-align-your-operating-model-to-your-strategy.
    Deloitte. "2023 Global Human Capital Trends Report." Deloitte, 2023. https://www2.deloitte.com/content/dam/Deloitte/sg/Documents/human-capital/sea-cons-hc-trends-report-2023.pdf
    Dose, Jens. "Deutsche Bahn CIO on track to decentralize IT." CIO, 19 April 2023. https://www.cio.com/article/473071/deutsche-bahn-cio-on-track-to-decentralize-it.html
    Ehrlich, Oliver., Fanderl, Harald., Maldara, David., & Mittangunta, Divya. "How the operating model can unlock the power of customer experience." McKinsey, 28 June 2022. https://www.mckinsey.com/capabilities/growth-marketing-and-sales/our-insights/how-the-operating-model-can-unlock-the-full-power-of-customer-experience
    FCW. "Digital Government Summit Agenda." FCW. 2021. https://events-archive.fcw.com/events/2021/digital-government-summit/index.html
    Foundry. "State of the CIO." IDG, 25 January 2023. https://foundryco.com/tools-for-marketers/research-state-of-the-cio/
    Foundry. "Digital Business Study 2023: IT Leaders are future-proofing their business with digital strategies." IDG, 2023. https://foundryco.com/tools-for-marketers/research-digital-business/
    Indeed Editorial Team. "Centralized vs. Decentralized Structures: 7 Key Differences." Indeed, 10 March 2023. https://www.indeed.com/career-advice/career-development/centralized-vs-decentralized
    Indeed Editorial Team. "What is process integration?." Indeed, 14 November 2022. https://ca.indeed.com/career-advice/career-development/process-integration#:~:text=Process%20integration%2C%20or%20business%20process,it%20reach%20its%20primary%20objectives
    KPMG International. "Global Tech Report." KPMG, 2022.
    McHugh, Brian. "Service orchestration is reshaping IT—Here's what to know." Active Batch, 8 November 2022. https://www.advsyscon.com/blog/service-orchestration-what-is/
    Morris, Chris. "IDC FutureScape: Worldwide CIO Agenda 2023 Predictions."" IDC, January, 2023. https://www.idc.com/getdoc.jsp?containerId=AP49998523
    PwC. "Global Digital Trust Insights Report." PwC, 2023
    Roberts, Dan. "5 CIOs on building a service-oriented IT culture." CIO, 13 April 2023. https://www.cio.com/article/472805/5-cios-on-building-a-service-oriented-it-culture.html
    Singh, Yashvendra. "CIOs must evolve to stave off existential threat to their role." CIO, 30 March 2023. https://www.cio.com/article/465612/cios-must-evolve-to-stave-off-existential-threat-to-their-role.html
    Spacey, John. "16 Examples of IT Services." Simplicable, 28 January 2018. https://simplicable.com/IT/it-services

    Document Your Cloud Strategy

    • Buy Link or Shortcode: {j2store}468|cart{/j2store}
    • member rating overall impact (scale of 10): 8.9/10 Overall Impact
    • member rating average dollars saved: $35,642 Average $ Saved
    • member rating average days saved: 21 Average Days Saved
    • Parent Category Name: Cloud Strategy
    • Parent Category Link: /cloud-strategy

    Despite the universally agreed-upon benefit of formulating a coherent strategy, several obstacles make execution difficult:

    • Inconsistent understanding of what the cloud means
    • Inability to come to a consensus on key decisions
    • Ungoverned decision-making
    • Unclear understanding of cloud roles and responsibilities

    Our Advice

    Critical Insight

    A cloud strategy might seem like a big project, but it’s just a series of smaller conversations. The methodology presented here is designed to facilitate those conversations, using a curated list of topics, prompts, participant lists, and sample outcomes. We have divided the strategy into four key areas:

    • Vision and alignment
    • People
    • Governance
    • Technology

    Impact and Result

    • A shared understanding of what is necessary to succeed in the cloud
    • An end to ad hoc deployments that solve small problems and create larger ones
    • A unified approach and set of principles that apply to governance, architecture, integration, skills, and roles (and much, much more).

    Document Your Cloud Strategy Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Document Your Cloud Strategy – a phased guide to identifying, validating, and recording the steps you’ll take, the processes you’ll leverage, and the governance you’ll deploy to succeed in the cloud.

    This storyboard comprises four phases, covering mission and vision, people, governance, and technology, and how each of these areas requires forethought when migrating to the cloud.

    • Document Your Cloud Strategy – Phases 1-4

    2. Cloud Strategy Document Template – a template that allows you to record the results of the cloud strategy exercise in a clear, readable way.

    Each section of Document Your Cloud Strategy corresponds to a section in the document template. Once you’ve completed each exercise, you can record your results in the document template, leaving you with an artifact you can share with stakeholders.

    • Cloud Strategy Document Template
    [infographic]

    Workshop: Document Your Cloud Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Document Your Vision and Alignment

    The Purpose

    Understand and document your cloud vision and its alignment with your other strategic priorities.

    Key Benefits Achieved

    A complete understanding of your strategy, vision, alignment, and a list of success metrics that will help you find your way.

    Activities

    1.1 Record your cloud mission and vision.

    1.2 Document your cloud strategy’s alignment with other strategic plans.

    1.3 Record your cloud guiding principles.

    Outputs

    Documented strategy, vision, and alignment.

    Defined success metrics.

    2 Record Your People Strategy

    The Purpose

    Define how people, skills, and roles will contribute to the broader cloud strategy.

    Key Benefits Achieved

    Sections of the strategy that highlight skills, roles, culture, adoption, and the creation of a governance body.

    Activities

    2.1 Outline your skills and roles strategy.

    2.2 Document your approach to culture and adoption

    2.3 Create a cloud governing body.

    Outputs

    Documented people strategy.

    3 Document Governance Principles

    The Purpose

    This section facilitates governance in the cloud, developing principles that apply to architecture, integration, finance management, and more.

    Key Benefits Achieved

    Sections of the strategy that define governance principles.

    Activities

    3.1 Conduct discussion on architecture.

    3.2 Conduct discussion on integration and interoperability.

    3.3 Conduct discussion on operations management.

    3.4 Conduct discussion on cloud portfolio management.

    3.5 Conduct discussion on cloud vendor management.

    3.6 Conduct discussion on finance management.

    3.7 Conduct discussion on security.

    3.8 Conduct discussion on data controls.

    Outputs

    Documented cloud governance strategy.

    4 Formalize Your Technology Strategy

    The Purpose

    Creation of a formal cloud strategy relating to technology around provisioning, monitoring, and migration.

    Key Benefits Achieved

    Completed strategy sections of the document that cover technology areas.

    Activities

    4.1 Formalize organizational approach to monitoring.

    4.2 Document provisioning process.

    4.3 Outline migration processes and procedures.

    Outputs

    Documented cloud technology strategy.

    Further reading

    Document Your Cloud Strategy

    Get ready for the cloudy future with a consistent, proven strategy.

    Analyst perspective

    Any approach is better than no approach

    The image contains a picture of Jeremy Roberts

    Moving to the cloud is a big, scary transition, like moving from gas-powered to electric cars, or from cable to streaming, or even from the office to working from home. There are some undeniable benefits, but we must reorient our lives a bit to accommodate those changes, and the results aren’t always one-for-one. A strategy helps you make decisions about your future direction and how you should respond to changes and challenges. In Document Your Cloud Strategy we hope to help you accomplish just that: clarifying your overall mission and vision (as it relates to the cloud) and helping you develop an approach to changes in technology, people management, and, of course, governance. The cloud is not a panacea. Taken on its own, it will not solve your problems. But it can be an important tool in your IT toolkit, and you should aim to make the best use of it – whatever “best” happens to mean for you.

    Jeremy Roberts

    Research Director, Infrastructure and Operations

    Info-Tech Research Group

    Executive Summary

    Your Challenge

    The cloud is multifaceted. It can be complicated. It can be expensive. Everyone has an opinion on the best way to proceed – and in many cases has already begun the process without bothering to get clearance from IT. The core challenge is creating a coherent strategy to facilitate your overall goals while making the best use of cloud technology, your financial resources, and your people.

    Common Obstacles

    Despite the universally agreed-upon benefit of formulating a coherent strategy, several obstacles make execution difficult:

    • Inconsistent understanding of what the cloud means
    • Inability to come to a consensus on key decisions
    • Ungoverned decision making
    • Unclear understanding of cloud roles and responsibilities

    Info-Tech’s Approach

    A cloud strategy might seem like a big project, but it’s just a series of smaller conversations. The methodology presented here is designed to facilitate those conversations, using a curated list of topics, prompts, participant lists, and sample outcomes. We have divided the strategy into four key areas:

    1. Vision and alignment
    2. People
    3. Governance
    4. Technology

    The answers might be different, but the questions are the same

    Every organization will approach the cloud differently, but they all need to ask the same questions: When will we use the cloud? What forms will our cloud usage take? How will we manage governance? What will we do about people? How will we incorporate new technology into our environment? The answers to these questions are as numerous as there are people to answer them, but the questions must be asked.

    Your challenge

    This research is designed to help organizations that are facing these challenges or looking to:

    • Ensure that the cloud strategy is complete and accurately reflects organizational goals and priorities.
    • Develop a consistent and coherent approach to adopting cloud services.
    • Design an approach to mitigate risks and challenges associated with adopting cloud services.
    • Create a shared understanding of the expected benefits of cloud services and the steps required to realize those benefits.

    Grappling with a cloud strategy is a top initiative: 43% of respondents report progressing on a cloud-first strategy as a top cloud initiative.

    Source: Flexera, 2021.

    Definition: Cloud strategy

    A document providing a systematic overview of cloud services, their appropriate use, and the steps that an organization will take to maximize value and minimize risk.

    Common obstacles

    These barriers make this challenge difficult to address for many organizations:

    • The cloud means different things to different people, and creating a strategy that is comprehensive enough to cover a multitude of use cases while also being written to be consumable by all stakeholders is difficult.
    • The incentives to adopt the cloud differ based on the expected benefit for the individual customer. User-led decision making and historically ungoverned deployments can make it difficult to reset expectation and align with a formal strategy.
    • Getting all the right people in a room together to agree on the key components of the strategy and the direction undertaken for each one is often difficult.

    Info-Tech’s approach

    Define Your Cloud Vision

    Vision and alignment

    • Mission and vision
    • Alignment to other strategic plans
    • Guiding principles
    • Measuring success

    Technology

    • Monitoring
    • Provisioning
    • Migration

    Governance

    • Architecture
    • Integration and interoperability
    • Operations management
    • Cloud portfolio management
    • Cloud vendor management
    • Finance management
    • Security
    • Data controls

    People

    • Skills and roles
    • Culture and adoption
    • Governing bodies

    Info-Tech’s approach

    Your cloud strategy will comprise the elements listed under “vision and alignment,” “technology,” “governance,” and “people.” The Info-Tech methodology involves breaking the strategy down into subcomponents and going through a three-step process for each one. Start by reviewing a standard set of questions and understanding the goal of the exercise: What do we need to know? What are some common considerations and best practices? Once you’ve had a chance to review, discuss your current state and any gaps: What has been done? What still needs to be done? Finally, outline how you plan to go forward: What are your next steps? Who needs to be involved?

    Review

    • What questions do we need to answer to complete the discussion of this strategy component? What does the decision look like?
    • What are some key terms and best practices we must understand before deciding?

    Discuss

    • What steps have we already taken to address this component?
    • Does anything still need to be done?
    • Is there anything we’re not sure about or need further guidance on?

    Go forward

    • What are the next steps?
    • Who needs to be involved?
    • What questions still need to be asked/answered?
    • What should the document’s wording look like?

    Info-Tech’s methodology for documenting your cloud strategy

    1. Document your vision and alignment

    2. Record your people strategy

    3. Document governance principles

    4. Formalize your technology strategy

    Phase Steps

    1. Record your cloud mission and vision
    2. Document your cloud strategy’s alignment with other strategic plans
    3. Record your cloud guiding principles
    4. Define success
    1. Outline your skills and roles strategy
    2. Document your approach to culture and adoption
    3. Create a cloud governing body

    Document official organizational positions in these governance areas:

    1. Architecture
    2. Integration and interoperability
    3. Operations management
    4. Cloud portfolio management
    5. Cloud vendor management
    6. Finance management
    7. Security
    8. Data controls
    1. Formalize organizational approach to monitoring
    2. Document provisioning process
    3. Outline migration processes and procedures

    Phase Outcomes

    Documented strategy: vision and alignment

    Documented people strategy

    Documented cloud governance strategy

    Documented cloud technology strategy

    Insight summary

    Separate strategy from tactics

    Separate strategy from tactics! A strategy requires building out the framework for ongoing decision making. It is meant to be high level and achieve a large goal. The outcome of a strategy is often a sense of commitment to the goal and better communication on the topic.

    The cloud does not exist in a vacuum

    Your cloud strategy flows from your cloud vision and should align with the broader IT strategy. It is also part of a pantheon of strategies and should exist harmoniously with other strategies – data, security, etc.

    People problems needn’t preponderate

    The cloud doesn’t have to be a great disruptor. If you handle the transition well, you can focus your people on doing more valuable work – and this is generally engaging.

    Governance is a means to an end

    Governing your deployment for its own sake will only frustrate your end users. Articulate the benefits users and the organization can expect to see and you’re more likely to receive the necessary buy-in.

    Technology isn’t a panacea

    Technology won’t solve all your problems. Technology is a force multiplier, but you will still have to design processes and train your people to fully leverage it.

    Key deliverable

    Cloud Strategy Document template

    Inconsistency and informality are the enemies of efficiency. Capture the results of the cloud strategy generation exercises in the Cloud Strategy Document template.

    The image contains a screenshot of the Cloud Strategy Document Template.
    • Record the results of the exercises undertaken as part of this blueprint in the Cloud Strategy Document template.
    • It is important to remember that not every cloud strategy will look exactly the same, but this template represents an amalgamation of best practices and cloud strategy creation honed over several years of advisory service in the space.
    • You know your audience better than anyone. If you would prefer a strategy delivered in a different way (e.g. presentation format) feel free to adapt the Cloud Vision Executive Presentation into a longer strategy presentation.
    • Emphasis is an area where you should exercise discretion as well. A cost-oriented cloud strategy, or one that prioritizes one type of cloud (e.g. SaaS) at the exclusion of others, may benefit from more focus on some areas than others, or the introduction of relevant subcategories. Include as many of these as you think will be relevant.
    • Parsimony is king – if you can distill a concept to its essence, start there. Include additional detail only as needed. You want your cloud strategy document to be read. If it’s too long or overly detailed, you’ll encounter readability issues.

    Blueprint benefits

    IT benefits

    Business benefits

    • A consistent, well-defined approach to the cloud
    • Consensus on key strategy components, including security, architecture, and integration
    • A clear path forward on skill development and talent acquisition/retention
    • A comprehensive resource for information about the organization’s approach to key strategy components
    • Predictable access to cloud services
    • A business-aligned approach to leveraging the resources available in the cloud
    • Efficient and secure consumption of cloud resources where appropriate to do so
    • Answers to questions about the cloud and how it will be leveraged in the environment

    Measure the value of this blueprint

    Don’t take our word for it:

    • Document Your Cloud Strategy has been available for several years in various forms as both a workshop and as an analyst-led guided implementation.
    • After each engagement, we send a survey that asks members how they benefited from the experience. Those who have worked through Info-Tech’s cloud strategy material have given overwhelmingly positive feedback.
    • Additionally, members reported saving between 10 and 20 days and an average of $46,499.
    • Measure the value by calculating the time saved as a result of using Info-Tech’s framework vs. a home-brewed cloud strategy alternative and by comparing the overall cost of a guided implementation or workshop with the equivalent offering from another firm. We’re confident you’ll come out ahead.

    8.8/10 Average reported satisfaction

    13 Days Average reported time savings

    $46,499 Average cost savings

    Executive Brief Case Study

    INDUSTRY: Pharmaceuticals

    SOURCE: Info-Tech workshop

    Pharmaceutical company

    The unnamed pharmaceutical company that is the subject of this case study was looking to make the transition to the cloud. In the absence of a coherent strategy, the organization had a few cloud deployments with no easily discernable overall approach. Representatives of several distinct functions (legal, infrastructure, data, etc.) all had opinions on the uses and abuses of cloud services, but it had been difficult to round everyone up and have the necessary conversations. As a result, the strategy exercise had not proceeded in a speedy or well-governed way. This lack of strategic readiness presented a roadblock to moving forward with the cloud strategy and to work with the cloud implementation partner, tasked with execution.

    Results

    The company engaged Info-Tech for a four-day workshop on cloud strategy documentation. Over the course of four days, participants drawn from across the organization discussed the strategic components and generated consensus statements and next steps. The team was able to formalize the cloud strategy and described the experience as saving 10 days.

    Example output: Document your cloud strategy workshop exercise

    The image contains an example of Document your cloud streatgy workshop exercise.

    Anything in green, the team was reasonably sure they had good alignment and next steps. Those yellow flags warranted more discussion and were not ready for documentation.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful."

    Guided Implementation

    "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track."

    Workshop

    "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place."

    Consulting

    "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."

    Diagnostics and consistent frameworks are used throughout all four options.

    Guided Implementation

    What does a typical GI on this topic look like?

    Document your vision and alignment

    Record your people strategy

    Document governance principles

    Formalize your technology strategy

    Call #1: Review existing vision/strategy documentation.

    Call #2: Review progress on skills, roles, and governance bodies.

    Call #3: Work through integration, architecture, finance management, etc. based on reqs. (May be more than one call.)

    Call #4: Discuss challenges with monitoring, provisioning, and migration as-needed.

    A Guided Implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization. A typical GI is 4 to 6 calls over the course of 1 to 3 months

    Workshop Overview

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    Day 1

    Day 2

    Day 3

    Day 4

    Day 5

    Answer
    “so what?”

    Define the
    IT target state

    Assess the IT
    current state

    Bridge the gap and
    create the strategy

    Next steps and
    wrap-up (offsite)

    Activities

    1.1 Introduction

    1.2 Discuss cloud mission and vision

    1.3 Discuss alignment with other strategic plans

    1.4 Discuss guiding principles

    1.5 Define success metrics

    2.1 Discuss skills and roles

    2.2 Review culture and adoption

    2.3 Discuss a cloud governing body

    2.4 Review architecture position

    2.5 Discuss integration and interoperability

    3.1 Discuss cloud operations management

    3.2 Review cloud portfolio management

    3.3 Discuss cloud vendor management

    3.4 Discuss cloud finance management

    3.5 Discuss cloud security

    4.1 Review and formalize data controls

    4.2 Design a monitoring approach

    4.3 Document the workload provisioning process

    4.4 Outline migration processes and procedures

    5.1 Populate the Cloud Strategy Document

    Deliverables

    Formalized cloud mission and vision, along with alignment with strategic plans, guiding principles, and success metrics

    Position statement on skills and roles, culture and adoption, governing bodies, architecture, and integration/interoperability

    Position statements on cloud operations management, portfolio management, vendor management, finance management, and cloud security

    Position statements on data controls, monitoring, provisioning, and migration

    Completed Cloud Strategy Document

    Phase 1

    Document Your Vision and Alignment

    Phase 1

    Phase 2

    Phase 3

    Phase 4

    1.1 Document your mission and vision

    1.2 Document alignment to other strategic plans

    1.3 Document guiding principles

    1.4 Document success metrics

    2.1 Define approach to skills and roles

    2.2 Define approach to culture and adoption

    2.3 Define cloud governing bodies

    3.1 Define architecture direction

    3.2 Define integration approach

    3.3 Define operations management process

    3.4 Define portfolio management direction

    3.5 Define vendor management direction

    3.6 Document finance management tactics

    3.7 Define approach to cloud security

    3.8 Define data controls in the cloud

    4.1 Define cloud monitoring strategy

    4.2 Define cloud provisioning strategy

    4.3 Define cloud migration strategy

    This phase will walk you through the following activities:

    1. Record your cloud mission and vision
    2. Document your cloud strategy’s alignment with other strategic plans
    3. Record your cloud guiding principles
    4. Define success

    This phase has the following outcome:

    • Documented strategy: vision and alignment

    Record your mission and vision

    Build on the work you’ve already done

    Before formally documenting your cloud strategy, you should ensure that you have a good understanding of your overall cloud vision. How do you plan to leverage the cloud? What goals are you looking to accomplish? How will you distribute your workloads between different cloud service models (SaaS, PaaS, IaaS)? What will your preferred delivery model be (public, private, hybrid)? Will you support your cloud deployment internally or use the services of various consultants or managed service providers?

    The answers to these questions will inform the first section of your cloud strategy. If you haven’t put much thought into this or think you could use a deep dive on the fundamentals of your cloud vision and cloud archetypes, consider reviewing Define Your Cloud Vision, the companion blueprint to this one.

    Once you understand your cloud vision and what you’re trying to accomplish with your cloud strategy, this phase will walk you through aligning the strategy with other strategic initiatives. What decisions have others made that will impact the cloud strategy (or that the cloud strategy will impact)? Who must be involved/informed? What callouts must be involved at what point? Do users have access to the appropriate strategic documentation (and would they understand it if they did)?

    You must also capture some guiding principles. A strategy by its nature provides direction, helping readers understand the decisions they should make and why those decisions align with organizational interests. Creating some top-level principles is a useful exercise because those principles facilitate comprehension and ensure the strategy’s applicability.

    Finally, this phase will walk you through the process of measuring success. Once you know where you’d like to go, the principles that underpin your direction, and how your cloud strategy figures into the broader strategic pantheon, you should record what success actually means. If you’re looking to save money, overall cost should be a metric you track. If the cloud is all about productivity, generate appropriate productivity metrics. If you’re looking to expand into new technology or close a datacenter, you will need to track output specific to those overall goals.

    Review: mission and vision

    The overall organizational mission is a key foundational element of the cloud strategy. If you don’t understand where you’re going, how can you begin the journey to get there? This section of the strategy has four key parts that you should understand and incorporate into the beginning of the strategy document. If you haven’t already, review Define Your Cloud Vision for instructions on how to generate these elements.

    1. Cloud vision statement: This is a succinct encapsulation of your overall perspective on the suitability of cloud services for your environment – what you hope to accomplish. The ideal statement includes a scope (who/what does the strategy impact?), a goal (what will it accomplish?), and a key differentiator (what will make it happen?). This is an example: “[Organization] will leverage public cloud solutions and retire existing datacenter and colocation facilities. This transition will simplify infrastructure administration, support and security, while modernizing legacy infrastructure and reducing the need for additional capital expenditure.” You might also consider reviewing your overall cloud archetype (next slide) and including the output of that exercise in the document

    2. Service model decision framework: Services can be provided as software as a service (SaaS), platform as a service (PaaS), infrastructure as a service (IaaS), or they can be colocated or remain on premises. Not all cloud service models serve the same purpose or provide equal value in all circumstances. Understanding how you plan to take advantage of these distinct service models is an important component of the cloud strategy. In this section of the strategy, a rubric that captures the characteristics of the ideal workload for each of the named service models, along with some justification for the selection, is essential. This is a core component of Define Your Cloud Vision, and if you would like to analyze individual workloads, you can use the Cloud Vision Workbook for that purpose.

    3. Delivery model decision framework: Just as there are different cloud service models that have unique value propositions, there are several unique cloud delivery models as well, distinguished by ownership, operation, and customer base. Public clouds are the purview of third-party providers who make them available to paying customers. Private clouds are built for the exclusive use of a designated organization or group of organizations with internal clients to serve. Hybrid clouds involve the use of multiple, interoperable delivery models (interoperability is the key term here), while multi-cloud deployment models incorporate multiple delivery and service models into a single coherent strategy. What will your preferred delivery model be? Why?

    4. Support model decision framework: Once you have a service model nailed down and understand how you will execute on the delivery, the question then becomes about how you will support your cloud deployment going forward. Broadly speaking, you can choose to manage your deployment in house using internal resources (e.g. staff), to use managed service providers for ongoing support, or to hire consultants to handle specific projects/tasks. Each approach has its strengths and weaknesses, and many cloud customers will deploy multiple support models across time and different workloads. A foundational perspective on the support model is a key component of the cloud vision and should appear early in the strategy.

    Understand key cloud concepts: Archetype

    Once you understand the value of the cloud, your workloads’ general suitability for the cloud, and your proposed risks and mitigations, the next step is to define your cloud archetype. Your organization’s cloud archetype is the strategic posture that IT adopts to best support the organization’s goals. Info-Tech’s model recognizes seven archetypes, divided into three high-level archetypes. After consultation with your stakeholders, and based on the results of the suitability and risk assessment activities, define your archetype. The archetype feeds into the overall cloud vision and provides simple insight into the cloud future state for all stakeholders. The cloud vision itself is captured in a “vision statement,” a short summary of the overall approach that includes the overall cloud archetype.

    The image contains an arrow facing vertically up. The pointed end of the arrow is labelled more cloud, and the bottom of the arrow is labelled less cloud.

    We can best support the organization’s goals by:

    Cloud-Focused

    Cloud-Centric

    Providing all workloads through cloud delivery.

    Cloud-First

    Using the cloud as our default deployment model. For each workload, we should ask “why NOT cloud?”

    Cloud-Opportunistic

    Hybrid

    Enabling the ability to transition seamlessly between on-premises and cloud resources for many workloads.

    Integrated

    Combining cloud and traditional infrastructure resources, integrating data and applications through APIs or middleware.

    Split

    Using the cloud for some workloads and traditional infrastructure resources for others.

    Cloud-Averse

    Cloud-Light

    Using traditional infrastructure resources and limiting our use of the cloud to when it is absolutely necessary.

    Anti-Cloud

    Using traditional infrastructure resources and avoiding the use of cloud wherever possible.

    Drive Customer Convenience by Enabling Text-Based Customer Support

    • Buy Link or Shortcode: {j2store}531|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Customer Relationship Management
    • Parent Category Link: /customer-relationship-management
    • Text messaging services and applications (such as SMS, iMessage, WhatsApp, and Facebook Messenger) have seen explosive growth over the last decade. They are an entrenched part of consumers’ daily lives. For many demographics, text messaging rather than audio calls is the preferred medium of communication via smartphone.
    • Despite the popularity of text messaging services and applications with consumers, organizations have been slow to adequately incorporate these channels into their customer service strategy.
    • The result is a major disconnect between the channel preferences of consumers and the customer service options being offered by businesses.

    Our Advice

    Critical Insight

    • IT must work with their counterparts in customer service to build a technology roadmap that incorporates text messaging services and apps as a core channel for customer interaction. Doing so will increase IT’s stature as an innovator in the eyes of the business, while allowing the broader organization to leapfrog competitors that have not yet added text-based support to their repertoire of service channels. Incorporating text messaging as a customer service channel will increase customer satisfaction, improve retention, and reduce cost-to-serve.
    • A prudent strategy for text-based customer service begins with defining the value proposition and creating objectives: is there a strong fit with the organization’s customers and service use cases? Next, organizations must create a technology enablement roadmap for text-based support that incorporates the right tools and applications to deliver it. Finally, the strategy must address best practices for text-based customer service workflows and appropriate resourcing.

    Impact and Result

    • Understand the value and use cases for text-based customer support.
    • Create a framework for enabling technologies that will support scalable text-based customer service.
    • Improve underlying business metrics such as customer satisfaction, retention, and time to resolution by having a plan for text-based support.
    • Better align IT with customer service and support needs.

    Drive Customer Convenience by Enabling Text-Based Customer Support Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should be leveraging text-based services for customer support, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Create the business case for text-based customer support

    Understand the use cases and benefits of using text-based services for customer support, and establish how they align to the organization’s current service strategy.

    • Drive Customer Convenience by Enabling Text-Based Customer Support – Phase 1: Create the Business Case for Text-Based Customer Support
    • Text-Based Customer Support Strategic Summary Template
    • Text-Based Customer Support Project Charter Template
    • Text-Based Customer Support Business Case Assessment

    2. Create a technology enablement framework for text-based customer support

    Identify the right applications that will be needed to adequately support a text-based support strategy.

    • Drive Customer Convenience by Enabling Text-Based Customer Support – Phase 2: Create a Technology Enablement Framework for Text-Based Customer Support
    • Text-Based Customer Support Requirements Traceability Matrix

    3. Create customer service workflows for text-based support

    Create repeatable workflows and escalation policies for text-centric support.

    • Drive Customer Convenience by Enabling Text-Based Customer Support – Phase 3: Create Customer Service Workflows for Text-Based Support
    • Text-Based Customer Support TCO Tool
    • Text-Based Customer Support Acceptable Use Policy
    [infographic]

    Workshop: Drive Customer Convenience by Enabling Text-Based Customer Support

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Create the Business Case for Text-Based Support

    The Purpose

    Create the business case for text-based support.

    Key Benefits Achieved

    A clear direction on the drivers and value proposition of text-based customer support for your organization.

    Activities

    1.1 Identify customer personas.

    1.2 Define business and IT drivers.

    Outputs

    Identification of IT and business drivers.

    Project framework and guiding principles for the project.

    2 Create a Technology Enablement Framework for Text-Based Support

    The Purpose

    Create a technology enablement framework for text-based support.

    Key Benefits Achieved

    Prioritized requirements for text-based support and a vetted shortlist of the technologies needed to enable it.

    Activities

    2.1 Determine the correct migration strategy based on the current version of Exchange.

    2.2 Plan the user groups for a gradual deployment.

    Outputs

    Exchange migration strategy.

    User group organization by priority of migration.

    3 Create Service Workflows for Text-Based Support

    The Purpose

    Create service workflows for text-based support.

    Key Benefits Achieved

    Customer service workflows and escalation policies, as well as risk mitigation considerations.

    Present final deliverable to key stakeholders.

    Activities

    3.1 Review the text channel matrix.

    3.2 Build the inventory of customer service applications that are needed to support text-based service.

    Outputs

    Extract requirements for text-based customer support.

    4 Finalize Your Text Service Strategy

    The Purpose

    Finalize the text service strategy.

    Key Benefits Achieved

    Resource and risk mitigation plan.

    Activities

    4.1 Build core customer service workflows for text-based support.

    4.2 Identify text-centric risks and create a mitigation plan.

    4.3 Identify metrics for text-based support.

    Outputs

    Business process models assigned to text-based support.

    Formulation of risk mitigation plan.

    Key metrics for text-based support.

    Design a VIP Experience for Your Service Desk

    • Buy Link or Shortcode: {j2store}480|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Service Desk
    • Parent Category Link: /service-desk
    • VIPs and executives expect to get immediate service for every IT issue, no matter how minor, and the service desk is constantly in reactive mode trying to quickly resolve these issues.
    • VIPs don’t understand or have input into service desk processes, procedures, and SLAs, especially when it comes to prioritization of their issues over other tickets.
    • The C-suite calls the CIO directly with every issue they have, tying them up and forcing them to redirect resources with little notice.
    • VIP tickets sit in the queue too long without a response or resolution, and VIPs are dissatisfied with the service they receive.

    Our Advice

    Critical Insight

    • Service desk and IT leaders are unclear on VIPs' service delivery expectations or the best support model to meet their needs while continuing to meet SLAs for the rest of the organization.
    • Deploying resources to service VIPs ahead of other users or more critical problems can result in inappropriate prioritization of issues and poor service delivery to the rest of the organization.
    • The reality for most organizations is that VIPs need special treatment; but providing VIP service shouldn’t come at the expense of good service delivery for the rest of the organization.

    Impact and Result

    • Stop being reactive to VIP requests and start planning for them so you can formally define the service and set expectations.
    • Talk to all relevant stakeholders to clarify their expectations before choosing a VIP service delivery model. Once you have designed your model, define and document the VIP service processes and procedures and communicate them to your stakeholders so everyone is clear on what is in and out of scope.
    • Once you’ve launched the service, track and report on key service desk metrics associated with VIP requests so you can properly allocate resources, budget accurately, evaluate the effectiveness of the service and demonstrate it to executives.

    Design a VIP Experience for Your Service Desk Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Design a VIP Experience for Your Service Desk Storyboard – A guide to defining your VIP service desk support model

    Follow the seven steps outlined in this blueprint to design a VIP support model that best suits your organization, then communicate and evaluate the service to ensure it delivers results.

    • Design a VIP Experience for Your Service Desk Storyboard

    2. Service Desk VIP Procedures Template – A customizable template to document your service desk procedures for handling VIP tickets.

    This template is designed to assist with documenting your service desk procedures for handling VIP or executive tickets. It can be adapted and customized to reflect your specific support model and procedures.

    • Service Desk VIP Procedures Template

    3. VIP Support Process Workflow Example – A Visio template to document your process for resolving VIP tickets.

    This Visio template provides an example of a VIP support process, with every step involved in resolving or fulfilling VIP service desk tickets. Use this as an example to follow and a template to document your own process.

    • VIP Support Process Workflow Example

    4. VIP Support Service Communication Template – A customizable PowerPoint template to communicate and market the service to VIP users.

    This template can be customized to use as an executive presentation to communicate and market the service to VIP users and ensure everyone is on the same page.

    • VIP Support Service Communication Template
    [infographic]

    Further reading

    Design a VIP Experience for Your Service Desk

    Keep the C-suite satisfied without sacrificing service to the rest of the organization.

    Analyst Perspective

    Stop being reactive to VIP demands and formalize their service offering.

    Natalie Sansone, PHD

    Natalie Sansone, PHD

    Research Director,
    Infrastructure & Operations
    Info-Tech Research Group

    In a perfect world, executives wouldn’t need any special treatment because the service desk could rapidly resolve every ticket, regardless of the submitter, keeping satisfaction levels high across the board.

    But we know that’s not the case for most organizations. Executives and VIPs demand higher levels of service because the reality in most companies is that their time is worth more. And any IT leader who’s had a VIP complain about their service knows that their voice also carries more weight than that of a regular dissatisfied user.

    That said, most service desks feel strapped for resources and don’t know how to improve service for VIPs without sacrificing service to the rest of the organization.

    The key is to stop being reactive to VIP demands and formalize your VIP service procedures so that you can properly set expectations for the service, monitor and measure it, and continually evaluate it to make changes if necessary.

    A VIP offering doesn’t have to mean a white glove concierge service, either – it could simply mean prioritizing VIP tickets differently. How do you decide which level of service to offer? Start by assessing your specific needs based on demand, gather requirements from relevant stakeholders, choose the right approach to fit your business needs and capabilities, clearly define and document all aspects of the service then communicate it so that everyone is on the same page as to what is in and out of scope, and continually monitor and evaluate the service to make changes and improvements as needed.

    Executive Summary

    Your Challenge

    • VIPs and executives expect to get immediate service for every IT issue, no matter how minor, and the service desk is constantly in reactive mode trying to quickly resolve these issues.
    • VIPs don’t understand or have input into service desk processes, procedures, and SLAs, especially when it comes to prioritization of their issues over other tickets.
    • The C-suite calls the CIO directly with every issue they have, tying them up and forcing them to redirect resources with little notice.
    • VIP tickets sit in the queue too long without a response or resolution, and VIPs are dissatisfied with the service they receive.

    Common Obstacles

    • Service desk and IT leaders are unclear on the expectations that VIPs have for service delivery, or they disagree about the best support model to meet their needs while continuing to meet SLAs for the rest of the organization.
    • Service desk teams with limited resources are unsure how best to allocate those resources to handle VIP tickets in a timely manner.
    • There aren’t enough resources available at the service desk to provide the level of service that VIPs expect for their issues.
    • Deploying resources to service VIPs ahead of other users can result in inappropriate prioritization of issues and poor service delivery to the rest of the organization

    Info-Tech's Approach

    • Stop being reactive to VIP requests and start planning for them so you can formally define the service and set expectations.
    • Talk to all relevant stakeholders to clarify their expectations before choosing a VIP service delivery model.
    • Define and document the VIP service processes and procedures, including exactly what is in and out of scope.
    • Track and report on metrics associated with VIP requests so you can properly allocate resources and budget for the service.
    • Continually evaluate the service to expand, reduce, or redefine it, as necessary.

    Info-Tech Insight

    The reality for most organizations is that VIPs need special treatment. But providing VIP service shouldn’t come at the expense of good service delivery for the rest of the organization. To be successful with your approach, formalize the VIP offering to bring consistency and clear expectations for both users and the IT staff delivering the service.

    Do any of these scenarios sound familiar?

    All these familiar scenarios can occur when the service desk treats VIP issues reactively and doesn’t have a defined, documented, and agreed-upon VIP process in place.
    • A VIP calls because their personal printer isn’t working, but you also have a network issue affecting payroll being able to issue paychecks. The VIP wants their issue fixed immediately despite there being a workaround and a higher priority incident needing resources.
    • The COO calls the CIO after hours about issues they’re having with their email. The CIO immediately deploys a field tech back to the office to help the COO. Once the tech arrives, the COO says the issue could have waited until the morning.
    • The company president wants IT to spend a day at their house setting up their new personal laptop to be able to connect into the office before their vacation tomorrow. It would take away one FTE from an already understaffed service desk.
    • The CEO brings their child’s new iPhone in and asks the service desk if they have time to set it up as a favor today. The service desk manager instructs the T2 apps specialist to drop his other tickets to work on this immediately.
    • Two tickets come in at the same time – one is from an SVP who can’t log in to Teams and has an online meeting in half an hour, and the other is for a department of 10 who can’t access the network. The service desk doesn’t know who to help first.

    Different organizations can take very different approaches to VIP requests

    CASE STUDIES

    Providing VIP support helped this company grow

    Allocating a dedicated VIP technician slowed down service delivery for this company

    Situation

    A SaaS company looking to build and scale its services and customers decided to set up a VIP support program, which involved giving their most valuable customers white glove treatment to ensure they had a great experience, became long-term customers, and thus had a positive influence on others to build up the company’s customer base. VIPs were receiving executive-level support with a dedicated person for VIP tickets. The VIPs were happy with the service, but the VIP technician’s regular work was frequently impeded by having to spend most of her time doing white glove activities. The service desk found that in some cases, more critical work was slipping as a result of prioritizing all executive tickets.

    Resolution

    First, they defined who would receive VIP support, then they clearly defined the service, including what VIP support includes, who gets the service, and what their SLAs for service are. They found that the program was an effective way to focus their limited resources on the customers with the highest value potential to increase sales.
    While this model differs from an IT service desk VIP support program, the principles of dedicating resources to provide elevated support to your most important and influential customers for the benefit and growth of the company as a whole remain the same.
    The service desk decided to remove the VIP function. They demonstrated that the cost per contact was too high for dedicated executive support, and reallocating that dedicated technician to the service desk would improve the resolution time of all business incidents and requests. VIPs could still receive prioritized support through the escalation process, but they would contact the regular service desk with their issues. VIPs approved the change, and as a result of removing the dedicated support function, the service desk reduced average incident resolution times by 28% and request fulfillment times by 33%.

    A well-designed and communicated VIP support service can deliver many benefits

    The key to deciding whether a VIP service is right for your organization is to first analyze your needs, match them against your resources, then clearly define and document exactly what is in scope for the service.

    A successfully designed VIP service will lead to:

    • Executives and VIPs can easily contact the service desk and receive exceptional support and customer service from a knowledgeable technician, increasing their trust in the service desk.
    • All service desk tickets are prioritized appropriately and effectively in order to maximize overall ticket resolution and fulfillment times.
    • All users have a clear understanding of how to get in touch with the service desk and expected SLAs for specific ticket types.
    • Critical, business-impacting issues still receive priority service ahead of minor tickets submitted by a VIP.
    • All service desk technicians are clear on processes and procedures for prioritizing and handling VIP tickets.
    • Executives are satisfied with the service they receive and the value that IT provides
    • Reduced VIP downtime, contributing to overall organization productivity and growth.

    A poorly designed or reactive VIP service will lead to:

    • VIPs expect immediate service for non-critical issues, including after-hours.
    • VIPs circumvent the correct process and contact the CIO or service desk manager directly for all their issues.
    • Service desk resources stretched thin, or poor allocation of resources leads to degraded service for the majority of users.
    • More critical business issues are pushed back in order to fix non-critical executive issues.
    • Service desk is not clear how to prioritize tickets and always addresses VIP tickets first regardless of priority.
    • The service desk automatically acts on VIP tickets even when the VIP doesn’t require it or realize they’re getting a different level of service.
    • Non-VIP users are aware of the different service levels and try to request the same priority for their tickets. Support costs are over budget.

    Follow Info-Tech’s approach to design a successful VIP support model

    Follow the seven steps in this blueprint to design a VIP support model that works for your organization:
    1. Understand the support models available, from white glove service to the same service for everyone.
    2. Gather business requirements from all relevant stakeholders.
    3. Based on your business needs, choose the right approach.
    4. Define and document all details of the VIP service offering.
    5. Communicate and market the offering to VIPs so they’re aware of what’s in scope.
    6. Monitor volume and track metrics to evaluate what’s working.
    7. Continually improve or modify the service as needed over time.

    Blueprint deliverables

    The templates listed below are designed to assist you with various stages of this project. This storyboard will direct you when and how to complete them.

    Service Desk VIP Procedures Template

    Use this template to assist with documenting your service desk procedures for handling VIP or executive tickets.

    VIP Support Process Workflow Example

    Use this Visio template to document your process for resolving or fulfilling VIP tickets, from when the ticket is submitted to when it’s closed.

    VIP Support Service Communication Template

    Use this template to customize your executive presentation to communicate and market the service to VIP users.

    Insight Summary

    Key Insight

    The reality for most organizations is that VIPs need special treatment. But providing VIP service shouldn’t be at the expense of good service delivery for the rest of the organization. To be successful with your approach, formalize the VIP offering to bring consistency and clear expectations for both users and the IT staff delivering the service.

    Additional insights:

    Insight 1

    VIP service doesn’t have to mean concierge service. There are different levels and models of VIP support that range in cost and level of service provided. Carefully evaluate your needs and capacity to choose the approach that works best for your organization.

    Insight 2

    This service is for your most valued users, so design it right from the start to ensure their satisfaction. Involve stakeholders from the beginning, incorporate their feedback and requirements, keep them well-informed about the service, and continually collect and act on feedback to deliver the intended value.

    Insight 3

    Intentional, continual monitoring and measurement of the program must be part of your strategy. If your metrics or feedback show that something isn’t working, fix it. If you find that the perceived value isn’t worth the high cost of the program, make changes. Even if everything seems to be working fine, identify ways to improve it or make it more efficient.

    Step 1: Understand the different support models

    Step overview:

    • Understand the support models available, from white glove service to the same service for everyone

    First, define what “VIP support” means in your organization

    VIP support from the service desk usually refers to an elevated level of service (i.e. faster, after-hours, off-site, and/or with more experienced resources) that is provided to those at the executive level of the organization.

    A VIP typically includes executives across the business (e.g. CIO, CEO, CxO, VPs) and sometimes the executive assistants who work directly with them. However, it can also include non-executive-level but critical business roles in some organizations.

    The level of VIP service provided can differ from receiving prioritization in the queue to having a dedicated, full-time technician providing “white glove” service.

    Info-Tech Insight

    You don’t have to use the term “VIP”, as long as you clearly define the terms you are using. Some organizations use the term “VIR” to refer to very important roles rather than people, and some define “critical users” to reflect who should receive prioritized service, for example.

    There are essentially two options for VIP support, but multiple determining factors

    While the details are more specific, your options for VIP support really come down to two: they either receive some kind of enhanced service (either from a dedicated support team or through prioritization from the regular support team) or they don’t. Which option you choose will depend on a wide range of factors, some of which are represented in the diagram below. Factors such as IT budget, size of organization help determine which VIP support model you choose: Enhanced, or the same as everyone else. With enhanced service, you can opt to a dedicated support team or same support team but with prioritized service.

    Option 1: Same service for everyone

    What does it look like?

    VIP tickets are prioritized in the same way as every other ticket – with an assessment by impact and urgency. This allows every ticket to be prioritized appropriately according to how big the impact of the issue is and how quickly it needs to be resolved – regardless of who the submitter is. This means that VIPs with very urgent issues will still receive immediate support, as would a non-VIP user with a critical issue.

    Who is it best suited for?

    • Small organizations and IT teams.
    • Executives don’t want special treatment.
    • Not enough service desk resources or budget to provide prioritized or dedicated VIP service.
    • Service desk is already efficient and meeting SLAs for all requests and incidents.

    Pros

    • Highest level of consistency in service because the same process is followed for all user groups.
    • Ensures that service doesn’t suffer for non-VIP users for teams with a limited number of service desk staff.
    • No additional cost.
    • Potential to argue for more resources if executive service expectations aren’t met.

    Cons

    • Does not work if executives expect or require elevated service regardless of issue type.
    • Potential for increase in management escalations or complaints from dissatisfied executives. Some may end up jumping the queue as a result, which results in unstandardized VIP treatment only for some users.

    Info-Tech Insight

    Don’t design a VIP service solely out of fear that VIPs will be unhappy with the standard level of support the service desk provides. In some cases, it is better to focus your efforts on improving your standard support for everyone rather than only for a small percentage of users, especially if providing that elevated VIP support would further deteriorate service levels for the rest of the organization.

    Option 2: Prioritized service for VIPs

    What does it look like?

    • VIPs still go through the service desk but receive higher priority than non-VIP tickets.
    • Requests from VIP submitters are still evaluated using the standard prioritization matrix but are bumped up in urgency or priority. More critical issues can still take precedence.
    • Existing service desk resources are still used to resolve the request, but requests are just placed closer to the “front of the line.”
    • VIP users are identified in the ticketing system and may have a separate number to call or are routed differently/skip the queue within the ACD/IVR.

    Who is it best suited for?

    • Organizations that want or need to give VIPs expedited or enhanced service, but that don’t have the resources to dedicate to a completely separate VIP service desk team.

    Pros

    • Meets the need of executives for faster service.
    • Balances the need for prioritized service to VIPs while not sacrificing resources to handle most user requests.
    • All tickets still go through a single point of contact to be triaged and monitored by the service desk.
    • Easy to measure and compare performance of VIP service vs. standard service because processes are the same.

    Cons

    • Slight cost associated with implementing changes to phone system if necessary.
    • Makes other users aware that VIPs receive “special treatment” – some may try to jump the queue themselves.
    • May not meet the expectations of some executives who prefer dedicated, face-to-face resources to resolve their issues.

    Info-Tech Insight

    If you’re already informally bumping VIP tickets up the queue, this may be the most appropriate model for you. Bring formalization to your process by clearly defining exactly where VIP tickets fit in your prioritization matrix to ensure they are handled consistently and that VIPs are aware of the process.

    Option 3: Dedicated VIP service

    What does it look like?

    • VIPs contact a dedicated service desk and receive immediate/expedited support, often face to face.
    • Often a separate phone number or point of contact.
    • Similar to concierge service or “white glove” service models.
    • At least one dedicated FTE with good customer service skills and technical knowledge who builds trust with executives.

    Who is it best suited for?

    • Larger enterprises with many VIP users to support, but where VIPs are geographically clustered (as geography sprawls, the cost of the service will spiral).
    • IT organizations with enough resources on the service desk to support a dedicated VIP function.
    • Organizations where executives require immediate, in-person support.

    Pros

    • Most of the time, this model results in the fastest service delivery to executives.
    • Most personal method of delivering support with help often provided in person and from familiar, trusted technicians.
    • Usually leads to the highest level of satisfaction with the service desk from executives.

    Cons

    • Most expensive model; usually requires at least one dedicated, experienced FTE to support and sometimes after-hours support.
    • Essentially two separate service desks; can result in a disconnect between staff.
    • Career path and cross-training opportunities for the dedicated staff may be limited; role can be exhausting.
    • Reporting on the service can be more complicated and tickets are often logged after the fact.
    • If not done well, quality of service can suffer for the rest of the organization.

    Info-Tech Insight

    This type of model is essential in many large enterprises where the success of the company can depend on VIPs having access to dedicated support to minimize downtime as much as possible. However, it also requires the highest level of planning and dedication to get right. Without carefully documented processes and procedures and highly trained staff to support the model, it will fail to deliver the expected benefits.

    Step 2: Capture business needs

    Step overview:

    • Analyze your data and gather requirements to determine whether there is a need for a VIP service.

    Assess current state and metrics

    You can’t define your target state without a clear understanding of your current state. Analyze your ticket data and reports to identify the type and volume of VIP requests the service desk receives and how well you’re able to meet these requests with your current resources and structure.

    Analyze ticket data

    • What volume of tickets are you supporting? How many of those tickets come from VIP users?
    • What is your current resolution time for incidents and requests? How well are you currently meeting SLAs?
    • How quickly are executive/VIP tickets being resolved? How long do they have to wait for a response?
    • How many after-hours requests do you receive?

    Assess resourcing

    • How many users do you support; what percentage of them would be identified as VIP users?
    • How many service desk technicians do you have at each tier?
    • How well are you currently meeting demand? Would you be able to meet demand if you dedicated one or more Tier 2 technicians to VIP support?
    • If you would need to hire additional resources, is there budget to do so?

    Use the data to inform your assessment

    • Do you have a current problem with service delivery to VIPs and/or all users that needs to be addressed by changing the VIP support model?
    • Do you have the demand to support the need for a VIP service?
    • Do you have the resources to support providing VIP service?

    Leverage Info-Tech’s tools to inform your assessment

    Analyze your ticket data and reports to understand how well you’re currently meeting SLAs, your average response and resolution times, and the volume and type of requests you get from VIPs in order to understand the need for changing your current model. If you don’t have the ticket data to inform your assessment, leverage Info-Tech’s Service Desk Ticket Analysis Tool.

    Service Desk Ticket Analysis Tool

    Use this tool to identify trends and patterns in your ticket data. The ticket summary dashboard contains multiple reports analyzing how tickets come in, who requests them, who resolves them, and how long it takes to resolve them.

    If you need help understanding how well your current staff is able to handle your current ticket volume, leverage Info-Tech’s Service Desk Staffing Calculator to analyze demand and ticket volume trends. While not specifically designed to analyze VIP tickets, you could run the assessment separately for VIP volume if you have that data available.

    Service Desk Staffing Calculator

    Use this tool to help you estimate the optimal resource allocation to support your demand over time.

    Engage stakeholders to understand their requirements

    Follow your organization’s requirements gathering process to identify and prioritize stakeholders, conduct stakeholder interviews, and identify, track, and prioritize their requirements and expectations for service delivery.

    Gather requirements from VIP stakeholders

    1. Identify which stakeholders need to be consulted.
    2. Prioritize stakeholders in terms of influence and interest in order to identify who to engage in the requirements gathering process.
    3. Build a plan for gathering the requirements of key stakeholders in terms of VIP service delivery.
    4. Conduct requirements gathering and record the results of each stakeholder interaction.
    5. Analyze and summarize the results to determine the top expectations and requirements for VIP service desk support.

    If your organization does not have a defined requirements gathering process or template, leverage Info-Tech tools and templates:

    The Improve Requirements Gathering blueprint can be adapted from software requirements gathering to service desk.

    The PMO Requirements Gathering Tool can be adapted from interviewing stakeholders on their PMO requirements to service desk requirements.

    Info-Tech Insight

    Don’t guess at what your VIPs need or want – ask them and involve them in the service design. Many IT leaders sacrifice overall service quality to prioritize VIPs, thinking they expect immediate service. However, they later find out that the VIPs just assumed the service they were receiving was the standard service and many of their issues can wait.

    Identify additional challenges and opportunities by collecting perceptions of business users and stakeholders

    Formally measuring perceptions from your end users and key business stakeholders will help to inform your needs and determine how well the service desk is currently meeting demands from both VIP users and the entire user base.

    CIO Business Vision

    Info-Tech's CIO Business Vision program is a low-effort, high-impact program that will give you detailed report cards on the organization’s satisfaction with IT’s core services. Use these insights to understand your key business stakeholders, find out what is important to them, and improve your interactions.

    End User Satisfaction

    Info-Tech’s End User Satisfaction Program helps you measure end-user satisfaction and importance ratings of core IT services, IT communications, and business enablement to help you decide which IT service capabilities need to be addressed to meet the demands of the business.

    Learn more about Info-Tech’s CIO Business Vision or End User Satisfaction Program .

    Step 3: Choose the right approach

    Step overview:

    • Based on your assessment from Step 2, decide on the best way to move forward with your VIP service model.

    Use your assessment results to choose the most appropriate support model

    The table below is a rough guide for how the results of your assessments may line up to the most appropriate model for your organization:

    Example assessment results for: Dedicated service, prioritized service, and same servce based off of the assessment source: Ticket analysis, staffing analysis, or stakeholder.

    Info-Tech Insight

    If you’re in the position of deciding how to improve service to VIPs, it’s unlikely that you will end up choosing the “same service” model. If your data analysis tells you that you are currently meeting every metric target for all users, this may actually indicate that you’re overstaffed at the service desk.

    If you choose a specialized VIP support model, ensure there is a strong, defined need before moving forward

    Do not proceed if:

    • Your decision is purely reactive in response to a perceived need or challenges you’re currently experiencing
    • The demand is coming from a single dissatisfied executive without requirements from other VIPs being collected.
    • Your assessment data does not support the demand for a dedicated VIP function.
    • You don’t have the resources or support required to be successful in the approach.

    Proceed with a VIP model if:

    • You’re prepared to scale and support the model over the long term.
    • Business stakeholders have clearly expressed a need for improved VIP service.
    • Data shows that there is a high volume of urgent requests from VIPs.
    • You have the budget and resources required to support an enhanced VIP service delivery model.

    Step 4: Design the service offering

    Step overview:

    • Define and document all processes, procedures, and responsibilities relevant to the VIP support offering.

    Clearly define the service and eligible users

    Once you’ve decided on the most appropriate model, clearly describe the service and document who is eligible to receive it.

    1. Define exactly what the service is before going into the procedural details. High-level examples to start from are provided below:

    Prioritized Service Model

    When a designated VIP user contacts the service desk with a question, incident, or service request, their ticket will be prioritized over non-VIP tickets following the prioritization matrix. This process has been designed in accordance with business needs and requirements, as defined VIP users have more urgent demands on their time and the impact of downtime is greater as it has the potential to impact the business. However, all tickets, VIP tickets included, must still be prioritized by impact and urgency. Incidents that are more critical will still be resolved before VIP tickets in accordance with the prioritization process.

    Dedicated Service Model

    VIP support is a team of dedicated field technicians available to provide an elevated level of service including deskside support for executives and designated VIP users. VIP users have the ability to contact the VIP support service through a dedicated phone number and will receive expedited ticket handling and resolution by dedicated Tier 2 specialists with experience dealing with executives and their unique needs and requirements. This process has been designed in accordance with business needs and requirements.

    2 Identify VIP-eligible users

    • Define who qualifies as a VIP to receive VIP support or be eligible to contact the dedicated VIP service desk/concierge desk.
    • If other users or EAs can submit tickets on behalf of VIPs, identify those individuals as well.
    • Review the list and cut back if necessary. Less is usually more here, especially when starting out. If everyone is a VIP, then no one is truly a VIP.
    • Identify who maintains ownership over the list of eligible VIP users and how any changes to the list or requests for changes will be handled.
    • Ensure that all VIP-eligible users are clearly identified in the ITSM system.

    Map out the VIP process in a workflow

    Use a visual workflow to document the process for resolving or fulfilling VIP tickets, from when the ticket is submitted to when it gets closed.

    Your workflow should address the following:

    • How should the ticket be prioritized?
    • When are escalations necessary?
    • What happens if a user requests VIP service but is not defined as eligible?
    • Should the user verify that the issue is resolved before the ticket is closed?
    • What automatic notifications or communications need to go out and when?
    • What manual communications or notifications need to be sent out (e.g. when a ticket is escalated or reassigned)?
    VIP Support Process Example.

    Use the VIP Support Process Workflow Example as a template to map out your own process.

    Define and document all VIP processes and procedures

    Clearly describe the service and all related processes and procedures so that both the service delivery team and users are on the same page.

    Define all aspects of the service so that every VIP request will follow the same standardized process and VIPs will have clear expectations for the service they receive. This may include:

    • How VIPs should contact the service desk
    • How VIP tickets will be prioritized
    • SLAs and service expectations for VIP tickets
    • Ticket resolution or fulfillment steps and process
    • Escalation points and contacts
    • After-hours requests process

    If VIP user requests receive enhanced priority, for example, define exactly how those requests should be prioritized using your prioritization matrix. An example is found below and in the Service Desk VIP Procedures Template.

    Prioritization matrix for classification of incidents and requests.

    Use Info-Tech’s Service Desk VIP Procedures Template as a guide

    This template is designed to assist with documenting your service desk procedures for handling VIP or executive tickets. The template is not meant to cover all possible VIP support models but is an example of one support model only. It should be adapted and customized to reflect your specific support model and procedures.

    It includes the following sections:

    1. VIP support description/overview
    2. VIP support entitlement (who is eligible)
    3. Procedures
      • Ticket submission and triage
      • Ticket prioritization
      • SLAs and escalation
      • VIP ticket resolution process
      • After-hours requests
    4. Monitoring and reporting

    Download the Service Desk VIP Procedures Template

    Allocate resources or assign responsibilities specific to VIP support

    Regardless of the support model you choose, you’ll need to be clear on service desk agents’ responsibilities when dealing with VIP users.
    • Clarify the expectations of any service desk agent who will be handling VIP tickets; they should demonstrate excellent customer service skills and expertise, respect for the VIP and the sensitivity of their data, and prompt service.
    • Use a RACI chart to clarify responsibility and accountability for VIP-specific support tasks.
    • If you will be moving to a dedicated VIP support team, clearly define the responsibilities of any new roles or tasks. Sample responsibilities can be found on the right.
    • If you will be changing the role of an existing service desk agent to become focused solely on providing VIP support, clarify how the responsibilities of other service desk agents may change too, if at all.
    • Be clear on expectations of agents for after-hours support, especially if there will be a change to the current service provision.

    Sample responsibilities for a dedicated VIP support technician/specialist may include:

    • Resolve support tickets for all eligible VIP users following established processes and procedures.
    • Provide both onsite and remote support to executives.
    • Quickly and effectively diagnose and resolve technical issues with minimal disruption to the executive team.
    • Establish trust with executives/VIPs by maintaining confidentiality and privacy while providing technical support.
    • Set up, monitor, and support high-priority meetings, conferences, and events.
    • Demonstrate excellent communication and customer service skills when providing support to executives.
    • Coordinate more complex support issues with higher level support staff and track tickets through to resolution when needed.
    • Learn new technology and software ahead of implementation to train and support executive teams for use.
    • Conduct individual or group training as needed to educate on applications or how to best use technology to enhance productivity.
    • Proactively manage, maintain, update, and upgrade end-user devices as needed.

    Configure your ITSM tool to support your processes

    Configure your tool to support your processes, not the other way around.
    • Identify and configure VIP users in the system to ensure that they are easily identifiable in the system (e.g. there may be a symbol beside their name).
    • Configure automations or build ticket templates that would automatically set the urgency or priority of VIP tickets.
    • Configure any business rules or workflows that apply to the VIP support process.
    • Define any automated notifications that need to be sent when a VIP ticket is submitted, assigned, escalated, or resolved (e.g. notify service desk manager or a specific DL).
    • Define metrics and customize dashboards and reports to monitor VIP tickets and measure the success of the VIP service.
    • Configure any SLAs that apply only to VIPs to ensure displayed SLAs are accurate.

    Step 5: Launch the service

    Step overview:

    • Communicate and market the service to all relevant stakeholders so everyone is on the same page as to how it works and what’s in scope.

    Communicate the new or revised service to relevant stakeholders ahead of the launch

    If you did your due diligence, the VIP service launch won’t be a surprise to executives. However, it’s critical to

    continue the engagement and communicate the details of the service well to ensure there are no misperceptions about the

    service when it launches.

    Goals of communicating and marketing the service:

    1. Create awareness and understanding of the purpose of the VIP service and what it means for eligible users.
    2. Solidify commitment and buy-in for the service from all stakeholders.
    3. Ensure that all users know how to access the service and any changes to the way they should interact with the service desk.
    4. Set expectations for new/revised service levels.
    5. Reduce and address any concerns about the change in process.

    Info-Tech Insight

    This step isn’t only for the launch of new services. Even if you’re enhancing or right-sizing an existing VIP service, take the opportunity to market the improvements, remind users of the correct processes, and collect feedback.

    Leverage Info-Tech’s communication template to structure your presentation

    This template can be customized to use as an executive presentation to communicate and market the service to VIP users. It includes:

    • Key takeaways
    • Current-state assessment
    • Requirements gathering and feedback results
    • Objectives for the service
    • Anticipated benefits
    • Service entitlement
    • How the service works
    • Escalations and feedback contacts
    • Timeline of next steps

    Info-Tech Insight

    If you’re launching a dedicated concierge service for VIPs, highlight the exclusivity of the service in your marketing to draw users in. For example, if eligible VIPs get a separate number to call, expedited SLAs, or access to more tenured service desk experts, promote this added value of the service.

    Download the VIP Support Service Communication Template

    Step 6: Monitor and measure

    Step overview:

    • Measure and monitor the success of the program by tracking and reporting on targeted metrics.

    Evaluate and demonstrate the success of the program with key metrics

    Targeted metrics to evaluate the success of the VIP program will be critical to understanding and demonstrating whether the service is delivering the intended value. Track key metrics to:

    • Track if and how well you’re meeting your defined SLAs for VIP support.
    • Measure demand for VIP support (i.e. ticket volume and types of tickets) and evaluate against resource supply to determine whether a staffing adjustment is needed to meet demand.
    • Measure the cost of providing the VIP service in order to report back to executives.
    • Leverage real data to quantitatively demonstrate that you’re providing enhanced service to VIPs if there is an escalation or negative feedback from one individual.
    • Monitor service delivery to non-VIP users to ensure that service to the rest of the organization isn’t impacted by the VIP service
    • Evaluate the types of ticket that are submitted to the VIP service to inform training plans, self-service options, device upgrades, or alternatives to reduce future volume.

    Info-Tech Insight

    If your data definitively shows the VIP offering delivers enhanced service levels, publish these results to business leadership. A successful VIP service is a great accomplishment to market and build credibility for the service desk.

    Tie metrics to critical success factors

    Apart from your regular service desk metrics, identify the top metrics to tie to the key performance indicators of the program’s success factors.

    Sample Critical Success Factors

    • Increased executive satisfaction with the service desk
    • Improved response and resolution times to VIP tickets
    • Demand for the service is matched by supply

    Sample Metrics

    • End-user satisfaction scores on VIP tickets
    • Executive satisfaction with the service desk as measured on a broader annual survey
    • Response and resolution times for VIP tickets
    • Percentage of SLAs met for VIP tickets
    • VIP ticket volume
    • Average speed of answer for VIP calls

    Download Define Service Desk Metrics that Matter and the Service Desk Metrics Workbook for help defining CSFs, KPIs, and key metrics

    Step 7: Continually improve

    Step overview:

    • Continually evaluate the program to identify opportunities for improvement or modifications to the service support model.

    Continually evaluate the service to identify improvements

    Executives are happy, resolution times are on target – now what? Even if everything seems to be working well, never stop monitoring, measuring, and evaluating the service. Not only can metrics change, but there can also always be ways to improve service.

    • Continual improvement should be a mindset – there are always opportunities for improvement, and someone should be responsible for identifying and tracking these opportunities so that they actually get done.
    • Just as you asked for feedback and involvement from VIPs (and their assistants who may submit tickets on their behalf) in designing the service, you should continually collect that feedback and use it to inform improvements to the service.
    • End-user satisfaction surveys, especially broader, more targeted surveys, are also a great source of improvement ideas.
    • Even if end users don’t perceive any need for improvement, IT should still assess how they can make their own processes more efficient or offer alternatives to make delivery easier.

    Download Info-Tech’s Build a Continual Improvement Program blueprint to help you build a process around continual improvement, and use the Continual Improvement Register tool to help you identify and prioritize improvement initiatives.

    Info-Tech Insight

    Don’t limit your continual improvement efforts to the VIP service. Once you’ve successfully elevated the VIP service, look to how you can apply elements of that service to elevate support to the rest of the organization. For example, through providing a roaming service desk, a concierge desk, a Genius-Bar-style walk-in service, etc.

    Expand, reduce, or modify as needed

    Don’t stop with a one-time program evaluation. Continually use your metrics to evaluate whether the service offering needs to change to better suit the needs of your executives and organization. It may be fine as is, or you may find you need to do one of the following:

    Expand

    • If the service offering has been successful and/or your data shows underuse of VIP-dedicated resources, you may be able to expand the offering to identify additional roles as VIP-eligible.
    • Be cautious not to expand the service too widely; not only should it feel exclusive to VIPs, but you need to be able to support it.
    • Also consider whether elements that have been successful in the VIP program (e.g. a concierge desk, after-hours support) should be expanded to be offered to non-VIPs.

    Reduce

    • If VIPs are not using the service as much as anticipated or data shows supply outweighs demand, you may consider scaling back the service to save costs and resources.
    • However, be careful in how you approach this – it shouldn’t negatively impact service to existing users.
    • Rather, evaluate costly services like after-hours support and whether it’s necessary based on demand, adjust SLAs if needed, or reallocate service desk resources or responsibilities. For example, if demand doesn’t justify a dedicated service desk technician, either add non-VIP tasks to their responsibilities or consider moving to a prioritized model.

    Modify

    • The support model doesn’t need to be set in stone. If elements aren’t working, change them! If the entire support model isn’t working, reevaluate if it’s the best model for your organization.
    • Don’t make decisions in a vacuum, though. Just as executives were involved in decision-making at the outset, continually gather their feedback and use it to inform the service design.

    Related Info-Tech Research

    Standardize the Service Desk

    This project will help you build and improve essential service desk processes, including incident management, request fulfillment, and knowledge management to create a sustainable service desk.

    Optimize the Service Desk With a Shift-Left Strategy

    This project will help you build a strategy to shift service support left to optimize your service desk operations and increase end-user satisfaction.

    Build a Continual Improvement Plan

    This project will help you build a continual improvement plan for the service desk to review key processes and services and manage the progress of improvement initiatives.

    Deliver a Customer Service Training Program to Your IT Department

    This project will help you deliver a targeted customer service training program to your IT team to enhance their customer service skills when dealing with end users, improve overall service delivery, and increase customer satisfaction.

    Works Cited

    Munger, Nate. “Why You Should Provide VIP Customer Support.” Intercom, 13 Jan. 2016. Accessed Jan. 2023.

    Ogilvie, Ryan. “We Did Away With VIP Support and Got More Efficient.” HDI, 17 Sep. 2020. Accessed Jan. 2023.

    The Rapid Application Selection Framework

    • Buy Link or Shortcode: {j2store}608|cart{/j2store}
    • member rating overall impact (scale of 10): 9.2/10 Overall Impact
    • member rating average dollars saved: $37,512 Average $ Saved
    • member rating average days saved: 22 Average Days Saved
    • Parent Category Name: Selection & Implementation
    • Parent Category Link: /selection-and-implementation
    • Selection takes forever. Traditional software selection drags on for years, sometimes in perpetuity.
    • IT is viewed as a bottleneck and the business has taken control of software selection.
    • “Gut feel” decisions rule the day. Intuition, not hard data, guides selection, leading to poor outcomes.
    • Negotiations are a losing battle. Money is left on the table by inexperienced negotiators.
    • Overall: Poor selection processes lead to wasted time, wasted effort, and applications that continually disappoint.

    Our Advice

    Critical Insight

    • Adopt a formal methodology to accelerate and improve software selection results.
    • Improve business satisfaction by including the right stakeholders and delivering new applications on a truly timely basis.
    • Kill the “sacred cow” requirements that only exist because “it’s how we’ve always done it.”
    • Forget about “RFP” overload and hone in on the features that matter to your organization.
    • Skip the guesswork and validate decisions with real data.
    • Take control of vendor “dog and pony shows” with single-day, high-value, low-effort, rapid-fire investigative interviews.
    • Master vendor negotiations and never leave money on the table.

    Impact and Result

    Improving software selection is a critical project that will deliver huge value.

    • Hit a home run with your business stakeholders: use a data-driven approach to select the right application vendor for their needs – fast.
    • Shatter stakeholder expectations with truly rapid application selections.
    • Boost collaboration and crush the broken telephone with concise and effective stakeholder meetings.
    • Lock in hard savings and do not pay list price by using data-driven tactics.

    The Rapid Application Selection Framework Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. The Rapid Application Selection Framework

    • The Rapid Application Selection Framework Deck

    2. The Guide to Software Selection: A Business Stakeholder Manual

    • The Guide to Software Selection: A Business Stakeholder Manual

    3. The Software Selection Workbook

    • The Software Selection Workbook

    4. The Vendor Evaluation Workbook

    • The Vendor Evaluation Workbook
    [infographic]

    Minimize the Damage of IT Cost Cuts

    • Buy Link or Shortcode: {j2store}53|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Cost & Budget Management
    • Parent Category Link: /cost-and-budget-management
    • Average growth rates for Opex and Capex budgets are expected to continue to decline over the next fiscal year.
    • Common “quick-win” cost-cutting initiatives are not enough to satisfy the organization’s mandate.
    • Cost-cutting initiatives often take longer than expected, failing to provide cost savings before the organization’s deadline.
    • Cost-optimization projects often have unanticipated consequences that offset potential cost savings and result in business dissatisfaction.

    Our Advice

    Critical Insight

    • IT costs affect the entire business, not just IT. For this reason, IT must work with the business collaboratively to convey the full implications of IT cost cuts.
    • Avoid making all your cuts at once; phase your cuts by taking into account the magnitude and urgency of your cuts and avoid unintended consequences.
    • Don’t be afraid to completely cut a service if it should not be delivered in the first place.

    Impact and Result

    • Take a value-based approach to cost optimization.
    • Reduce IT spend while continuing to deliver the most important services.
    • Involve the business in the cost-cutting process.
    • Develop a plan for cost cutting that avoids unintended interruptions to the business.

    Minimize the Damage of IT Cost Cuts Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should take a value-based approach to cutting IT costs, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Understand the mandate and take immediate action

    Determine your approach for cutting costs.

    • Minimize the Damage of IT Cost Cuts – Phase 1: Understand the Mandate and Take Immediate Action
    • Cost-Cutting Plan
    • Cost-Cutting Planning Tool

    2. Select cost-cutting initiatives

    Identify the cost-cutting initiatives and design your roadmap.

    • Minimize the Damage of IT Cost Cuts – Phase 2: Select Cost-Cutting Initiatives

    3. Get approval for your cost-cutting plan and adopt change management best practices

    Communicate your roadmap to the business and attain approval.

    • Minimize the Damage of IT Cost Cuts – Phase 3: Get Approval for Your Cost-Cutting Plan and Adopt Change Management Best Practices
    • IT Personnel Engagement Plan
    • Stakeholder Communication Planning Tool
    [infographic]

    Workshop: Minimize the Damage of IT Cost Cuts

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Understand the Mandate and Take Immediate Action

    The Purpose

    Determine your cost-optimization stance.

    Build momentum with quick wins.

    Key Benefits Achieved

    Understand the internal and external drivers behind your cost-cutting mandate and the types of initiatives that align with it.

    Activities

    1.1 Develop SMART project metrics.

    1.2 Dissect the mandate.

    1.3 Identify your cost-cutting stance.

    1.4 Select and implement quick wins.

    1.5 Plan to report progress to Finance.

    Outputs

    Project metrics and mandate documentation

    List of quick-win initiatives

    2 Select Cost-Cutting Initiatives

    The Purpose

    Create the plan for your cost-cutting initiatives.

    Key Benefits Achieved

    Choose the correct initiatives for your roadmap.

    Create a sensible and intelligent roadmap for the cost-cutting initiatives.

    Activities

    2.1 Identify cost-cutting initiatives.

    2.2 Select initiatives.

    2.3 Build a roadmap.

    Outputs

    High-level cost-cutting initiatives

    Cost-cutting roadmap

    3 Get Approval for Your Cost-Cutting Plan and Adopt Change Management Best Practices

    The Purpose

    Finalize the cost-cutting plan and present it to the business.

    Key Benefits Achieved

    Attain engagement with key stakeholders.

    Activities

    3.1 Customize your cost-cutting plan.

    3.2 Create stakeholder engagement plans.

    3.3 Monitor cost savings.

    Outputs

    Cost-cutting plan

    Stakeholder engagement plan

    Cost-monitoring plan

    Get the Most Out of Workday

    • Buy Link or Shortcode: {j2store}239|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: 20 Average Days Saved
    • member rating average days saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • Parent Category Name: Optimization
    • Parent Category Link: /optimization
    • Your Workday systems are critical to supporting the organization’s business processes.They are expensive. Direct benefits and ROI can be hard to measure.
    • Workday application portfolios are often behemoths to support. With complex integration points and unique business processes, stabilization is the norm.
    • Application optimization is essential to staying competitive and productive in today’s digital environment.

    Our Advice

    Critical Insight

    Continuous assessment and optimization of your Workday enterprise resource planning (ERP) is critical to the success of your organization.

    Impact and Result

    • Build an ongoing optimization team to conduct application improvements.
    • Assess your Workday application(s) and the environment in which they exist. Take a business first strategy to prioritize optimization efforts.
    • Validate Workday capabilities, user satisfaction, processes, issues around data, integrations, and vendor management to build out an optimization strategy
    • Pull this all together to develop a prioritized optimization roadmap.

    Get the Most Out of Workday Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Get the Most Out of Workday – A guide to help the business leverages to accomplish its goals.

    Enterprise resource planning (ERP) is a core tool that the business leverages to accomplish its goals. Take a proactive approach to optimize your enterprise applications. Strategically re-align business goals, identify business application capabilities, complete a process assessment, evaluate user satisfaction, measure module satisfaction, and vendor relations to create an optimization plan that will drive a cohesive technology strategy that delivers results.

    • Get the Most Out of Workday – Phases 1-4

    2. Get the Most Out of Workday Workbook – A tool to document and assist with this project.

    The Get the Most out of Workday Workbook serves as the holding document for the different elements of the Get the Most out Workday blueprint. Use each assigned tab to input the relevant information for the process of optimizing Workday.

    • Get the Most Out of Workday Workbook

    3. Workday Application Inventory Tool – A tool to define applications and capabilities around ERP.

    Use this tool provide Info-Tech with information surrounding your ERP application(s). This inventory will be used to create a custom Application Portfolio Assessment (APA) for your ERP. The template includes demographics, application inventory, departments to be surveyed and data quality inclusion.

    • Workday Application Inventory Tool

    Infographic

    Workshop: Get the Most Out of Workday

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Your Workday Application Vision

    The Purpose

    Define your workday application vision.

    Key Benefits Achieved

    Set the foundation for optimizing Workday by building a cross-functional team, aligning with organizational strategy, inventorying current system state, defining your timeframe, and exploring current costs.

    Activities

    1.1 Identify stakeholders and build your optimization team.

    1.2 Build an ERP strategy model.

    1.3 Inventory current system state.

    1.4 Define optimization timeframe.

    1.5 Understand Workday costs.

    Outputs

    Workday optimization team

    Workday business model

    Workday optimization goals

    System inventory and data flow

    Application and business capabilities list

    Workday optimization timeline

    2 Map Current-State Capabilities

    The Purpose

    Map current-state capabilities.

    Key Benefits Achieved

    Measure the state of your current Workday system to understand where it is not performing well.

    Activities

    2.1 Assess Workday capabilities.

    2.2 Review your satisfaction with the vendor/product and willingness for change.

    Outputs

    Workday capability gap analysis

    Workday user satisfaction (application portfolio assessment)

    Workday SoftwareReviews survey results

    Workday current costs

    3 Assess Workday

    The Purpose

    Assess Workday.

    Key Benefits Achieved

    Explore underperforming areas to:

    Uncover where user satisfaction is lacking and possible root causes.

    Identify process and workflows that are creating issues for end users and identify improvement options.

    Understand where data issues are occurring and explore how you can improve these.

    Identify integration points and explore if there are any areas of improvement.

    Investigate your relationship with the vendor and product, including that relative to others.

    Identify any areas for cost optimization (optional).

    Activities

    3.1 Prioritize optimization opportunities.

    3.2 Discover optimization initiatives.

    Outputs

    Product and vendor satisfaction opportunities

    Capability and feature optimization opportunities

    Process optimization opportunities

    Integration optimization opportunities

    Data optimization opportunities

    Workday cost-saving opportunities

    4 Build the Optimization Roadmap

    The Purpose

    Build the optimization roadmap.

    Key Benefits Achieved

    Understanding where you need to improve is the first step, now understand where to focus your optimization efforts, build out next steps and put a timeframe in place.

    Activities

    4.1 Build your optimization roadmap.

    Outputs

    Workday optimization roadmap

    Further reading

    Get the Most Out of Workday

    In today’s connected world, the continuous optimization of enterprise applications to realize your digital strategy is key.

    EXECUTIVE BRIEF

    Analyst Perspective

    Focus optimization on organizational value delivery.

    HR, finance, and planning systems are the core foundation of enterprise resource systems (ERP) systems. These are core tools that the business leverages to accomplish its goals. An ERP that is doing its job well is invisible to the business. The challenges come when the tool is no longer invisible. It has become a source of friction in the functioning of the business.

    Workday is expensive, benefits can be difficult to quantify, and optimization can be difficult to navigate. Over time, technology evolves, organizational goals change, and the health of these systems is often not monitored. This is complicated in today’s digital landscape with multiple integration points, siloed data, and competing priorities.

    Too often organizations jump into selecting replacement systems without understanding the health of their systems. We can do better than this.

    IT leaders need to take a proactive approach to continually monitor and optimize their enterprise applications. Strategically realign business goals, identify business application capabilities, complete a process assessment, evaluate user satisfaction, measure module satisfaction, and improve vendor relations to create an optimization plan that will drive a cohesive technology strategy that delivers results.

    Lisa Highfield

    Research Director, Enterprise Applications

    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Your Workday systems are critical to supporting the organization’s business processes. They are expensive. Direct benefits and ROI can be hard to measure.

    Workday application portfolios are often behemoths to support. With complex integration points and unique business processes, stabilization is the norm.

    Application optimization is essential to staying competitive and productive in today’s digital environment.

    Common Obstacles

    Balancing optimization with stabilization is one of the most difficult decisions for Workday application leaders.

    Competing priorities and often unclear enterprise application strategies make it difficult to make decisions about what, how, and when to optimize.

    Enterprise applications involve large numbers of processes, users, and evolving vendor roadmaps.

    Teams do not have a framework to illustrate, communicate, and justify the optimization effort in the language your stakeholders understand.

    Info-Tech's Approach

    In today’s changing world, it is imperative to evaluate your applications for optimization and to look for opportunities to capitalize on rapidly expanding technologies, integrated data, and employee solutions that meet the needs of your organization.

    Assess your Workday applications and the environment in which they exist. Take a business-first strategy to prioritize optimization efforts.

    Validate capabilities, user satisfaction, and issues around data, vendor management, and costs to build out an overall roadmap and optimization strategy.

    Pull this all together to prioritize optimization efforts and develop a concrete roadmap.

    Info-Tech Insight

    Workday is investing heavily in expanding and deepening its finance and expanded product offerings, but we cannot stand still on our optimization efforts. Understand your product(s), processes, user satisfaction, integration points, and the availability of data to business decision makers. Examine these areas to develop a personalized Workday optimization roadmap that fits the needs of your organization. Incorporate these methodologies into an ongoing optimization strategy aimed at enabling the business, increasing productivity, and reducing costs.

    The image shows a graphic titled Get the Most Out of Your ERP. The centre of the graphic shows circular gears labelled with text such as Processes; User Satisfaction; Integrations; Data; and Vendor Relations. There is also text surrounding the central gears in concentric circles, and on either side, there are sets of arrows titled Service-centric capabilities and Product-centric capabilities.

    Insight summary

    Continuous assessment and optimization of your Workday ERP is critical to the success of your organization.

    • Applications and the environments in which they live are constantly evolving.
    • This blueprint provides business and application managers with a method to complete a health assessment of their Workday systems to identify areas for improvement and optimization.
    • Put optimization practices into effect by:
      • Aligning and prioritizing key business and technology drivers.
      • Identifying ERP process classification and performing a gap analysis.
      • Measuring user satisfaction across key departments.
      • Evaluating vendor relations.
      • Understanding how data plays into the mix.
      • Pulling it all together into an optimization roadmap.

    Workday enterprise resource planning (ERP) facilitates the flow of information across business units. It allows for the seamless integration of data across financial and people systems to create a holistic view of the enterprise to support decision making.

    In many organizations, Workday is considered the core people systems and is becoming more widely adopted for finance and a full ERP system.

    ERP systems are considered the lifeblood of organizations. Problems with this key operational system will have a dramatic impact on the ability of the enterprise to survive and grow.

    ERP implementation should not be a one-and-done exercise. There needs to be ongoing optimization to enable business processes and optimal organizational results.

    Workday enterprise resource planning (ERP)

    Workday

    • Finance
    • Human Resources Management
    • Talent and Performance
    • Payroll and Workforce Management
    • Employee Experience
    • Student Information Systems
    • Professional Services Automation
    • Analytics and Reporting
    • Spend Management
    • Enterprise Planning

    What is Workday?

    Workday has many modules that work together to facilitate the flow of information across the business. Workday’s unique data platform allows for seamless integration of systems and creates a holistic view of the enterprise to support decision making.

    In many organizations, the ERP system is considered the lifeblood of the enterprise. Problems with this key operational system will have a dramatic impact on the ability of the enterprise to survive and grow.

    Workday operates in many industry verticals and performs well in service organizations.

    An ERP system:

    • Automates processes, reducing the amount of manual, routine work.
    • Integrates with core modules, eliminating the fragmentation of systems.
    • Centralizes information for reporting from multiple parts of the value chain to a single point.

    Workday Fast Facts

    Product Description

    • Workday offers HR, Finance, planning systems, and extended offerings. Workday prides itself on rapidly expanding its product portfolio to meet the needs of organizations in a changing world.
    • The integrated cloud data model Workday has been built on allows for seamless end-to-end organizational data.
    • Offerings include Financial Management, Human Capital Management, Workday Adaptive Planning, Spend Management, Talent Management, Payroll & Workforce Management, Analytics & Reporting, Student, Professional Services Automation, Platform & Product Extensions, Workday Peakon Employee Voice, and most recently VNDLY (contract and vendor management).

    Evolution of Workday

    Workday HCM 2006

    Workday Financial Management 2007

    Workday 10 (Finance & HCM) 2010

    Workday Student (Higher Education) 2011

    Workday Cloud (PAAS) 2017

    Acquisition of Adaptive Insights 2018

    Acquisition of VNDLY 2021

    Vendor Description

    • Workday was founded in 2005 by Aneel Bhusri and Dave Duffield (former PeopleSoft founder.)
    • The platform-as-a-service (PaaS) bundles and modules are sold in a subscription model to customers.
    • Workday has untaken several acquisitions in recent years to grow the product and invests in early-stage companies through Workday Ventures.
    • Workday is publicly traded (2012); Nasdaq: WDAY.

    Employees: 12,500

    Headquarters: Pleasanton, CA

    Website: workday.com

    Founded: 2005

    Presence: Global, Publicly Traded

    Workday by the numbers

    77%

    77% of clients were satisfied with the product’s business value created. 78% of clients were satisfied that the cost is fair relative to value, and 95% plan to renew. (SoftwareReviews, 2022)

    50% of Fortune 500

    Workday has seen steady growth working with over 50% of Fortune 500 companies. 4,100 of those are HCM and finance customers. It has seen great success in service industries and has a 95% gross retention rate. (Diginomica)

    40%

    Workday reported a 40% year-over-year increase in Workday Financial Management deployments for both new and existing customers, as accelerated demand for Workday cloud-based continues. (Workday, June 2021)

    Workday Finance

    A great opportunity for Workday

    Workday continues to invest in Workday Finance

    • 35% of the Fortune 500 and 50% of the Fortune 50 use Workday HCM products (Seeking Alpha, 2019).
    • The customer base for Workday Financial Management has increased from 45 in 2014 to 530 in 2019 with 9 Fortune 500 companies in the mix. This infers that Financial Management is a product that will drive future growth for Workday.

    Recent Finance-Related Acquisitions

    • Zimit - Quotation Management
    • Stories.bi - Augmented Analytics
    • Adaptive Insights - Business Planning
    • SkipFlag - Machine Learning (AI)
    • Platfora - Analytics
    • VNDLY - Contractor and Vendor Management

    Workday challenges and dissatisfaction

    Workday challenges and dissatisfaction

    Organizational

    • Competing Priorities
    • Lack of Strategy
    • Budget Challenges

    People and teams

    • Knowledgeable Staff/Turnover
    • Lack of Internal Skills
    • Ability to Manage New Products
    • Lack of Training

    Technology

    • Integration Issues
    • Selecting Tools & Technology
    • Keeping Pace With Technology Changes
    • Update Challenges

    Data

    • Access to Data
    • Data Literacy
    • Data Hygiene
    • One View of the Customer

    Finance, IT, Sales, and other users of the ERP system can only optimize ERP with the full support of each other. The cooperation of the departments is crucial when trying to improve ERP technology capabilities and customer interaction.

    Info-Tech Insight

    While technology is the key enabler of building strong customer experiences, there are many other drivers of dissatisfaction. IT must stand shoulder-to-shoulder with the business to develop a technology framework for ERP.

    Where are applications leaders focusing?

    Big growth numbers

    Year-over-year call topic requests

    Enterprise Application Optimization - 124%

    Product - 65%

    Enterprise Application Selection - 76%

    Agile - 79%

    (Info-Tech case data, 2022; N=3,293)

    We are seeing Applications leaders’ priorities change year over year, driven by a shift in their approach to problem solving. Leaders are moving from a process-centric approach to a collaborative approach that breaks down boundaries and brings teams together.

    Other changes

    Year-over-year call topic requests

    Application Portfolio Management - 13%

    Business Process Management - 4%

    Software Development Lifecycle -25%

    (Info-Tech case data, 2022; N=3,293)

    Software development lifecycle topics are tactical point solutions. Organizations have been “shifting left” to tackle the strategic issues such as product vision and Agile mindset to optimize the whole organization.

    Application optimization is risky without a plan

    Avoid these common pitfalls:

    • Not considering how this pays into the short-, medium-, and long-term ERP strategy.
    • Not considering application optimization as a business and IT partnership, which requires the continuous formal engagement of all participants.
    • Not having a good understanding of your current state, including integration points and data.
    • Not adequately accommodating feedback and changes after digital applications are deployed and employed.
    • Not treating digital applications as a motivator for potential future IT optimization efforts and incorporating digital assets in strategic business planning.
    • Not involving department leads, management, and other subject-matter experts to facilitate the organizational change digital applications bring.

    “A successful application optimization strategy starts with the business need in mind and not from a technological point of view. No matter from which angle you look at it, modernizing a legacy application is a considerable undertaking that can’t be taken lightly. Your best approach is to begin the journey with baby steps.” – Norelus, Pamidala, and Senti, 2020

    Info-Tech’s methodology for getting the most out of your ERP

    1. Map Current-State Capabilities 2. Assess Your Current State 3. Identify Key Optimization Areas 4. Build Your Optimization Roadmap
    Phase Steps
    1. Identify Stakeholders and Build Your Workday Optimization Team
    2. Build an ERP Strategy Model
    3. Inventory Current System State
    4. Define Business Capabilities
    • Conduct a Gap Analysis for ERP Processes
    • Assess User Satisfaction
    • Review Your Satisfaction With the Vendor and Product
    1. Identify Key Optimization Areas
    2. Evaluate Product Sustainability Over the Short, Medium, and Long Term
    3. Identify Any Product Changes Anticipated Over Short, Medium, and Long Term
    1. Prioritize Optimization Opportunities
    2. Identify Key Optimization Areas
    3. Compile Optimization Assessment Results
    Phase Outcomes
    1. Stakeholder map
    2. Workday optimization team
    3. Workday business model
    4. Strategy alignment
    5. Systems inventory and diagram
    6. Business capabilities map
    7. Key Workday processes list
    1. Gap analysis for Workday-related processes
    2. Understanding of user satisfaction across applications and processes
    3. Insight into Workday data quality
    4. Quantified satisfaction with the vendor and product
    5. Understanding Workday costs
    1. List of Workday optimization opportunities
    1. Workday optimization roadmap

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Get the Most Out of Your Workday Workbook

    Identify and prioritize your Workday optimization goals.

    Application Portfolio Assessment

    Assess IT-enabled user satisfaction across your Workday portfolio.

    Key deliverable:

    Workday Optimization Roadmap

    Complete an assessment of processes, user satisfaction, data quality, and vendor management.

    Case Study

    MANAGED AP AUTOMATION with OneSource Virtual

    TripAdvisor + OneSource

    INDUSTRY: Travel

    SOURCE: OneSource Virtual, 2017

    Challenge

    TripAdvisor needed a solution that would decrease administrative labor from its accounting department.

    “We needed something that was already compatible with our Workday tenant, that didn’t require a lot of customizations and would be an enhancement to our processes.” – Director of Accounting Operations, Scott Garner

    Requirements included:

    • Easy implementation
    • Existing system compatibility
    • Enhancement to the company’s process
    • Competitive pricing
    • Secure

    Solution

    TripAdvisor chose to outsource its accounts payable services to OneSource Virtual (OSV).

    OneSource Virtual offers the comprehensive finance and accounting outsourcing solutions needed to improve efficiency, eliminate paper processes, reduce errors, and improve cash flow.

    Managed AP services include scanning and auditing all extracted invoice data for accuracy, transmitting AP files with line-item details from invoices, and creating full invoice images in Workday.

    Results

    • Accurate and timely invoice processing for over 3,000 invoices per month.
    • Empowered employees to focus on higher-level tasks rather than day-to-day data entry.
    • 50+ hours saved per week on routine data entry.
    • Employees had 30% of their time freed up to focus on high-value tasks.
    • Allowed TripAdvisor to become more scalable across departments and as an organization.

    Info-Tech offers various levels of support to suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided Implementation

    What does a typical GI on this topic look like?

    A Guided Implementation (GI) is series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is between 8 to 12 calls over the course of 4 to 6 months.

    Phase 1

    Call #1: Scope requirements, objectives, and your specific challenge.

    Phase 2

    Call #2:

    • Build the Workday team.
    • Align organizational goals.

    Call #3:

    • Map current state.
    • Inventory Workday capabilities and processes.
    • Explore Workday-related costs.

    Phase 3

    Call #4: Understand product satisfaction and vendor management.

    Call #5: Review APA results.

    Call #6: Understand Workday optimization opportunities.

    Call #7: Determine the right Workday path for your organization.

    Phase 4

    Call #8: Build out optimization roadmap and next steps.

    Workshop Overview

    Contact your account representative for more information.

    workshops@infotech.com 1-888-670-8889

    Day 1Day 2Day 3Day 4Day 5
    Define Your Workday Application VisionMap Current StateAssess WorkdayBuild Your Optimization RoadmapNext Steps and

    Wrap-Up (offsite)

    Activities

    1.1 Identify Stakeholders and Build Your Optimization Team

    1.2 Build an ERP Strategy Model

    1.3 Inventory Current System State

    1.4 Define Optimization Timeframe

    1.5 Understand Workday Costs

    2.1 Assess Workday Capabilities

    2.2 Review Your Satisfaction With the Vendor/Product and Willingness for Change

    3.1 Prioritize Optimization Opportunities

    3.2 Discover Optimization Initiatives

    4.1 Build Your Optimization Roadmap

    5.1 Complete In-progress Deliverables From Previous Four Days.

    5.2 Set Up Review Time for Workshop Deliverables and to Discuss Next Steps.

    Deliverables
    1. Workday optimization team
    2. Workday business model
    3. Workday optimization goals
    4. System inventory and data flow
    5. Application and business capabilities list
    6. Workday optimization timeline
    1. Workday capability gap analysis
    2. Workday user satisfaction (application portfolio assessment)
    3. Workday SoftwareReviews survey results
    4. Workday current costs
    1. Product and vendor satisfaction opportunities
    2. Capability and feature optimization opportunities
    3. Process optimization opportunities
    4. Integration optimization opportunities
    5. Data optimization opportunities
    6. Workday cost-saving opportunities
    1. Workday optimization roadmap

    Phase 1

    Map Current-State Capabilities

    Phase 1

    1.1 Identify Stakeholders and Build Your Optimization Team

    1.2 Build an ERP Strategy Model

    1.3 Inventory Current System State

    1.4 Define Optimization Timeframe

    1.5 Understand Workday Costs

    Phase 2

    2.1 Assess Workday Capabilities

    2.2 Review Your Satisfaction With the Vendor/Product and Willingness for Change

    Phase 3

    3.1 Prioritize Optimization Opportunities

    3.2 Discover Optimization Initiatives

    Phase 4

    4.1 Build Your Optimization Roadmap

    This phase will guide you through the following activities:

    • Align your organizational goals
    • Gain a firm understanding of your current state
    • Inventory Workday and related applications
    • Confirm the organization’s capabilities

    This phase involves the following participants:

    • CFO
    • Department Leads – Finance, Procurement, Asset Management
    • Applications Director
    • Senior Business Analyst
    • Senior Developer
    • Procurement Analysts

    Step 1.1

    Identify Stakeholders and Build Your Optimization Team

    Activities

    1.1.1 Identify Stakeholders Critical to Success

    1.1.2 Map Your Workday Optimization Stakeholders

    1.1.3 Determine Your Workday Optimization Team

    Map Current State Capabilities

    Step 1.1

    Step 1.2

    Step 1.3

    Step 1.4

    Step 1.5

    This step will guide you through the following activities:

    • Identify ERP drivers and objectives
    • Explore ERP challenges and pain points
    • Discover ERP benefits and opportunities
    • Align the ERP foundation with your corporate strategy

    This step involves the following participants:

    • Stakeholders
    • Project sponsors and leaders

    Outcomes of this step

    • Stakeholder map
    • Workday optimization team

    ERP optimization stakeholders

    • Understand the roles necessary to Get the Most Out of Your Workday.
    • Understand the role of each player within your project structure. Look for listed participants on the activities slides to determine when each player should be involved.
    Title Role Within the Project Structure
    Organizational Sponsor
    • Owns the project at the management/C-suite level
    • Responsible for breaking down barriers and ensuring alignment with your organizational strategy
    • CIO, CFO, COO, or similar
    Project Manager
    • The IT individual(s) that oversee day-to-day project operations
    • Responsible for preparing and managing the project plan and monitoring the project team’s progress
    • Applications Manager or other IT Manager, Business Analyst, Business Process Owner, or similar
    Business Unit Leaders
    • Works alongside the IT Project Manager to ensure the strategy is aligned with business needs
    • In this case, likely to be a marketing, sales, or customer service lead
    • Sales Director, Marketing Director, Customer Care Director, or similar
    Optimization Team
    • Comprised of individuals whose knowledge and skills are crucial to project success
    • Responsible for driving day-to-day activities, coordinating communication, and making process and design decisions; can assist with persona and scenario development for ERP
    • Project Manager, Business Lead, ERP Manager, Integration Manager, Application SMEs, Developers, Business Process Architects, and/or similar SMEs
    Steering Committee
    • Comprised of the C-suite/management-level individuals that act as the project’s decision makers
    • Responsible for validating goals and priorities, defining the project scope, enabling adequate resourcing, and managing change
    • Project Sponsor, Project Manager, Business Lead, CFO, Business Unit SMEs, or similar

    Info-Tech Insight

    Do not limit project input or participation. Include subject-matter experts and internal stakeholders at stages within the project. Such inputs can be solicited on a one-off basis as needed. This ensures you take a holistic approach to create your ERP optimization strategy.

    1.1.1 Identify Workday optimization stakeholders

    1 hour

    1. Hold a meeting to identify the Workday optimization stakeholders.
    2. Use the next slide as a guide.

    Record this information in the Get the Most Out of Your Workday Workbook.

    Download the Get the Most Out of Your Workday Workbook

    Understand how to navigate the complex web of stakeholders in ERP

    Identify which stakeholders to include and what their level of involvement should be during requirements elicitation based on relevant topic expertise.

    Sponsor End User IT Business
    Description An internal stakeholder who has final sign-off on the ERP project. Front-line users of the ERP technology. Back-end support staff who are tasked with project planning, execution, and eventual system maintenance. Additional stakeholders that will be impacted by any ERP technology changes.
    Examples
    • CEO
    • CIO/CTO
    • COO
    • CFO
    • Warehouse personnel
    • Sales teams
    • HR admins
    • Applications manager
    • Vendor relationship manager(s)
    • Director, Procurement
    • VP, Marketing
    • Manager, HR
    Values Executive buy-in and support is essential to the success of the project. Often, the sponsor controls funding and resource allocation. End users determine the success of the system through user adoption. If the end user does not adopt the system, the system is deemed useless and benefits realization is poor. IT is likely to be responsible for more in-depth requirements gathering. IT possesses critical knowledge around system compatibility, integration, and data. Involving business stakeholders in the requirements gathering will ensure alignment between HR and organizational objectives.

    Large-scale ERP projects require the involvement of many stakeholders from all corners and levels of the organization, including project sponsors, IT, end users, and business stakeholders. Consider the influence and interest of stakeholders in contributing to the requirements elicitation process and involve them accordingly.

    The image shows a graph with dots on it, titled Example: Stakeholder Involvement during Selection.

    Activity 1.1.2 Map your Workday optimization stakeholders

    1 hour

    1. Use the list of Workday optimization stakeholders.
    2. Map each stakeholder on the quadrant based on their expected Influence and involvement in the project.

    Record this information in the Get the Most Out of Your Workday Workbook.

    Download the Get the Most Out of Your Workday Workbook

    The image shows a graph titled Map the Organization's Stakeholders, with stakeholders listed on the left, and arranged in quadrants. Along the bottom of the graph is the text: Involvement, with an arrow pointing to the right. Along the left side of the graph is the text: Influence, with an arrow pointing upwards.

    Map the organization’s stakeholders

    The image shows the same organization stakeholder map shown in the previous section.

    The Workday optimization team

    Consider the core team functions when putting together the project team. Form a cross-functional team (i.e. across IT, Marketing, Sales, Service, and Operations) to create a well-aligned ERP optimization strategy.

    Don’t let your project team become too large when trying to include all relevant stakeholders. Carefully limiting the size of the project team will enable effective decision making while still including functional business units such as Human Resources, Operations, Manufacturing, Marketing, Sales, Service, and Finance as well as IT.

    Required Skills/Knowledge Suggested Project Team Members
    Business
    • Department leads
    • Business process leads
    • Business analysts
    • Subject matter experts
    • SMEs/Business process leads across all functional areas, for example, Strategy, Sales, Marketing, Customer Service, Finance, HR
    IT
    • Application development
    • Enterprise integration
    • Business processes
    • Data management
    • Product owner
    • ERP application manager
    • Business process manager
    • Integration manager
    • Application developer
    • Data stewards
    Other
    • Operations
    • Administrative
    • Change management
    • COO
    • CFO
    • Change management officer

    1.1.3 Determine your Workday optimization team

    1 hour

    1. Have the project manager and other key stakeholders discuss and determine who will be involved in the Workday optimization project.
      • The size of the team will depend on the initiative and size of your organization.
      • Key business leaders in key areas and IT representatives should be involved.

    Note: Depending on your initiative and size of your organization, the size of this team will vary.

    Record this information in the Get the Most Out of Your Workday Workbook.

    Download the Get the Most Out of Your Workday Workbook

    Step 1.2

    Build an ERP Strategy Model

    Activities

    1.2.1 Explore Organizational Goals and Business Needs

    1.2.2 Discover Environmental Factors and Technology Drivers

    1.2.3 Consider Potential Barriers to Achieving Workday Optimization

    1.2.4 Set the Foundation for Success

    1.2.5 Discuss Workday Strategy and Develop Your ERP Optimization Goals

    Map Current State Capabilities

    Step 1.1

    Step 1.2

    Step 1.3

    Step 1.4

    Step 1.5

    This step will guide you through the following activities:

    • Identify ERP drivers and objectives
    • Explore ERP challenges and pain points
    • Discover ERP benefits and opportunities
    • Align the ERP foundation with the corporate strategy

    This step involves the following participants:

    • Workday Optimization Team

    Outcomes of this step

    • ERP business model
    • Strategy alignment

    Align your Workday strategy with the corporate strategy

    Corporate Strategy

    Your corporate strategy:

    • Conveys the current state of the organization and the path it wants to take.
    • Identifies future goals and business aspirations.
    • Communicates the initiatives that are critical for getting the organization from its current state to the desired future state.

    Unified ERP Strategy

    • The ideal ERP strategy is aligned with overarching organizational business goals and broader IT initiatives.
    • Include all affected business units and departments in these conversations.
    • The ERP optimization can be and should be linked, with metrics, to the corporate strategy and ultimate business objectives.

    IT Strategy

    Your IT strategy:

    • Communicates the organization’s budget and spending on ERP.
    • Identifies IT initiatives that will support the business and key ERP objectives.
    • Outlines staffing and resourcing for ERP initiatives.

    ERP projects are more successful when the management team understands the strategic importance and the criticality of alignment. Time needs to be spent upfront aligning business strategies with ERP capabilities. Effective alignment between IT and the business should happen daily. Alignment doesn’t just need to occur at the executive level but at each level of the organization.

    ERP Business Model Template

    The image shows a template of the ERP Business Model. At the top, there is a section for ERP Needs, then on the left and right, Environmental Factors and Organizational Goals. At the center, there is a box with text that reads Barriers, with empty space underneath it, then the text: ERP Strategy, and then the heading Enables with empty space beneath it. At the bottom are Technology Drivers. There are notes attached to sections. For ERP Needs, the note reads: What are your business drivers? What are your current ERP pains?. For the Environmental Factors section, the note reads: What factors impacting your strategy are out of your control?. For the Technology Drivers section, the note reads: Why do you need a new system? What is the purpose for becoming an integrated organization?.

    Conduct interviews to elicit the business context

    Stakeholder Interviews

    Begin by conducting interviews of your executive team. Interview the following leaders:

    1. Chief Information Officer
    2. Chief Executive Officer
    3. Chief Financial Officer
    4. Chief Revenue Officer/Sales Leader
    5. Chief Operating Officer/Supply Chain & Logistics Leader
    6. Chief Technology Officer/Chief Product Officer

    INTERVIEWS MUST UNCOVER:

    1. Your organization’s mission & vision
    2. Your organization’s top business goals
    3. Your organization’s top business initiatives
    4. The stakeholder’s top goals and initiatives
    5. Tools and systems needed to facilitate organizational and departmental goals

    Understand the mission, vision, and goals of the organization and supporting departments

    Business Needs Business Drivers
    Definition A business need is a requirement associated with a particular business process. A business need is a requirement associated with a particular business process.
    Examples
    • Audit tracking
    • Authorization levels
    • Business rules
    • Data quality
    • Customer satisfaction
    • Branding
    • Time-to-resolution

    Info-Tech Insight

    One of the biggest drivers for ERP adoption is the ability to make quicker decisions from timely information. This driver is a result of external considerations. Many industries today are highly competitive, uncertain, and rapidly changing. To succeed under these pressures, there needs to be timely information and visibility into all components of the organization.

    1.2.1 Explore organizational goals and business needs

    60 minutes

    1. Discuss organizational mission, vision, and goals. What are the top initiatives underway? Are you contracting, expanding, or innovating?
    2. Discuss business needs to support organizational goals. What are identified goals and initiatives at the departmental level? What tools and resources within the Workday system will help make this successful?
    3. Understand how the company is running today and what the organization’s future will look like. Envision the future system state.

    Record this information in the Get the Most Out of Your Workday Workbook.

    The image shows the same ERP Business Model Template from the previous section, zoomed in on the centre of the graphic.

    Organizational Goals

    • Organization’s mission and vision
    • Top business goals
    • Initiatives underway

    Business Needs

    • Departmental goals
    • Business drivers
    • Key initiatives
    • Key capabilities to support the organization
    • Requirements to support the business capability and process

    Download the Get the Most Out of Your Workday Workbook

    ERP Business Model

    Organizational Goals

    • Organization’s mission and vision
    • Top business goals (~3)
    • Initiatives underway
    • KPIs and metrics that are important to the organization in achieving its goals and objectives

    Business Needs

    • Departmental goals
    • Key initiatives
    • Key capabilities to support the organization
    • Tools and systems required to support business capability or process
    • KPIs and metrics that are important to the department/stakeholder in achieving its goals and objectives

    Understand the technology drivers and environmental factors

    Technology Drivers Environmental Factors
    Definition Technology drivers are technological changes that have created the need for a new ERP enablement strategy. Many organizations turn to technology systems to help them obtain a competitive edge. These external considerations are factors that take place outside of the organization and impact the way business is conducted inside the organization. These are often outside the control of the business. Look three to five years ahead, what challenges will the business face? Where will you have to adapt and pivot? How can we prepare for this?
    Examples
    • Deployment model (i.e. SaaS)
    • Integration
    • Reporting capabilities
    • Fragmented technologies
    • Economic and political factors
    • Competitive influencers
    • Compliance regulations

    Info-Tech Insight

    A comprehensive plan that takes into consideration organizational goals, departmental needs, technology drivers, and environmental factors will allow for a collaborative approach to defining your Workday strategy.

    1.2.2 Discover environmental factors and technology drivers

    30 minutes

    1. Identify business drivers that are contributing to the organization’s need for ERP.
    2. Understand how the company is running today and what the organization’s future will look like. Try to identify the purpose for becoming an integrated organization. Use a whiteboard or flip charts and markers to capture key findings.
    3. Consider external considerations, organizational drivers, technology drivers, and key functional requirements.

    Record this information in the Get the Most Out of Your Workday Workbook.

    The image is the same ERP Business Model Template from previous sections. In this instance, it is zoomed into the centre of the graphic, with the environmental factors section circled.

    External Considerations

    • Funding constraints
    • Regulations

    Technology Considerations

    • Data accuracy
    • Data quality
    • Better reporting

    Functional Requirements

    • Information availability
    • Integration between systems
    • Secure data

    Download the Get the Most Out of Your Workday Workbook

    Create a realistic ERP foundation by identifying the challenges and barriers the project will bestow

    There are several different factors that may stifle the success of an ERP implementation. Organizations that are creating an ERP foundation must scan their current environment to identify internal barriers and challenges.

    Common Internal Barriers

    Management Support Organizational Culture Organizational Structure IT Readiness
    Definition The degree of understanding and acceptance toward ERP systems. The collective shared values and beliefs. The functional relationships between people and departments in an organization. The degree to which the organization’s people and processes are prepared for a new ERP system.
    Questions
    • Is an ERP project recognized as a top priority?
    • Will management commit time to the project?
    • Are employees resistant to change?
    • Is the organization highly individualized?
    • Is the organization centralized?
    • Is the organization highly formalized?
    • Is there strong technical expertise?
    • Is there strong infrastructure?
    Impact
    • Funding
    • Resources
    • Knowledge sharing
    • User acceptance
    • Flow of knowledge
    • Quality of implementation
    • Need for reliance on consultants

    1.2.3 Consider potential barriers to achieving Workday optimization

    1-3 hours

    1. Open tab 1.2, “Strategy & Goals,” in the Get the Most Out of Your Workday Workbook.
    2. Identify barriers to ERP optimization success.
    3. Review the ERP critical success factors and how they relate to your optimization efforts.
    4. Discuss potential barriers to successful ERP optimization.

    Record this information in the Get the Most Out of Your Workday Workbook.

    The image is the same zoomed-in section of the ERP Strategy Business Model Template seen in previous sections. In this instance, the Barriers section is circled.

    Functional Gaps

    • No online purchase order requisitions

    Technical Gaps

    • Inconsistent reporting – data quality concerns

    Process Gaps

    • Duplication of data
    • Lack of system integration

    Barriers to Success

    • Cultural mindset
    • Resistance to change
    • Lack of training
    • Funding

    Download the Get the Most Out of Your Workday Workbook

    ERP Business Model

    Organizational Goals

    • Efficiency
    • Effectiveness
    • Integrity
    • One source of truth for data
    • One team
    • Customer service, external and internal

    Barriers

    • Organizational silos
    • Lack of formal process documentation
    • Funding availability
    • What goes first? Organizational priorities

    What does success look like?

    Top 15 Critical Success Factors for ERP System Implementation

    The image shows a horizontal bar graph with the text: Frequency of Citation (n=127) at the top. Different implementation strategies are listed on the left, in descending order of frequency.

    (Epizitone and Olugbara, 2019; CC BY 4.0)

    Info-Tech Insight

    Complement your ability to deliver on your critical success factors with the capabilities of your implementation partner to drive a successful ERP implementation.

    “Implementation partners can play an important role in successful ERP implementations. They can work across the organizational departments and layers creating a synergy and a communications mechanism.” – Ayogeboh Epizitone, Durban University of Technology

    1.2.3 Set the foundation for success

    1-3 hours

    1. Open tab 1.2, “Strategy & Goals,” in the Get the Most Out of Your Workday Workbook.
    2. Identify barriers to ERP optimization success.
    3. Review the ERP critical success factors and how they relate to your optimization efforts.
    4. Discuss potential barriers to successful ERP optimization.

    Record this information in the Get the Most Out of Your Workday Workbook.

    The image is the same zoomed-in section of the ERP Strategy Business Model Template seen in previous sections. In this instance, the Enablers section is circled.

    Business Benefits

    • Business-IT alignment

    IT Benefits

    • Compliance
    • Scalability
    • Operational efficiency

    Organizational Benefits

    • Data accuracy
    • Data quality
    • Better reporting

    Enablers of Success

    • Change management
    • Training
    • Alignment with strategic objectives

    Download the Get the Most Out of Your Workday Workbook

    ERP Business Model

    Organizational Goals

    • Efficiency
    • Effectiveness
    • Integrity
    • One source of truth for data
    • One team
    • Customer service, external and internal

    Enablers

    • Cross-trained employees
    • Desire to focus on value-add activities
    • Collaborative
    • Top-level executive support
    • Effective change management process

    The Business Value Matrix

    Rationalizing and quantifying the value of Workday

    Benefits can be realized internally and externally to the organization or department and have different drivers of value.

    • Financial benefits refer to the degree to which the value source can be measured through monetary metrics and are often quite tangible.
    • Human benefits refer to how an application can deliver value through a user’s experience.
    • Inward refers to value sources that have an internal impact and improve your organization’s effectiveness and efficiency in performing its operations.
    • Outward refers to value sources that come from your interaction with external factors, such as the market or your customers.

    Organizational Goals

    Increased Revenue

    Application functions that are specifically related to the impact on your organization’s ability to generate revenue and deliver value to your customers.

    Reduced Costs

    Reduction of overhead. The ways in which an application limits the operational costs of business functions.

    Enhanced Services

    Functions that enable business capabilities that improve the organization’s ability to perform its internal operations.

    Reach Customers

    Application functions that enable and improve the interaction with customers or produce market information and insights.

    Business Value Matrix

    The image shows a matrix, with Human benefits and Financial Benefits on the horizontal axis, and Outward and Inward on the Vertical axis.

    1.2.4 Define your Workday strategy and optimization goals

    30 minutes

    1. Discuss the Workday business model exercises and ERP critical success factors.
    2. Through the lens of corporate goals and objectives think about the supporting ERP technology. How can the ERP system bring value to the organization? What are the top things that will make this initiative a success? What major themes are emerging?
    3. Develop five to ten optimization goals that will form the basis for the success of this initiative.
      • What is a strong statement that will help guide decision making throughout the life of the ERP project?
      • What are your overarching requirements for business processes?
      • What do you ultimately want to achieve?
      • What is a statement that will ensure all stakeholders are on the same page for the project?

    Record this information in the Get the Most Out of Your Workday Workbook.

    Download the Get the Most Out of Your Workday Workbook

    Workday strategy and optimization goals

    Key Themes Emerging / Workday Strategy

    • Efficiency
    • Effectiveness
    • Integrity
    • One source of truth for data
    • One team
    • Customer service, external and internal

    Optimization Goals

    • Support Business Agility: A flexible and adaptable integrated business system providing a seamless user experience.
    • Use ERP best practices: Do not recreate or replicate what we have today; focus on modernization. Exercise customization governance by focusing on those customizations that are strategically differentiating.
    • Automate: Take manual work out where we can, empowering staff and improving productivity through automation and process efficiencies.
    • Stay focused: Focus on scope around core business capabilities. Maintain scope control. Prioritize demand in line with the strategy.
    • Strive for “One Source of Truth”: Unified data model and integrate processes where possible. Assess integration needs carefully.

    Step 1.3

    Inventory Current System State

    Activities

    1.3.1 Inventory Workday Applications and Interactions

    1.3.2 Draw Your Workday System Diagram

    1.3.3 Inventory Your Workday Modules and Business Capabilities (or Business Processes)

    1.3.4 Define Your Key Workday Optimization Modules and Business Capabilities

    Map Current-State Capabilities

    Step 1.1

    Step 1.2

    Step 1.3

    Step 1.4

    Step 1.5

    This step will guide you through the following activities:

    • Inventory of applications
    • Mapping interactions between systems

    This step involves the following participants:

    • Workday Optimization Team
    • Enterprise Architect
    • Data Architect

    Outcomes of this step

    • Systems inventory
    • Systems diagram

    1.3.1 Inventory Workday applications and interfaces

    1-3+ hours

    1. Enter your Workday systems, Workday extended applications, and integrated applications within scope.
    2. Include any abbreviated names or nicknames.
    3. List the application type or main function. List the modules the organization has licensed.
    4. List any integrations.

    Record this information in the Get the Most Out of Your Workday Workbook.

    Download the Get the Most Out of Your Workday Workbook

    ERP Data Flow

    When assessing the current application portfolio that supports your ERP, the tendency will be to focus on the applications under the ERP umbrella. These relate mostly to marketing, sales, and customer service. Be sure to include systems that act as input to, or benefit due to outputs from, ERP or similar applications.

    The image shows a flowchart, with example ERP Data. There is a colour-coded legend for the data, and at the bottom of the graphic, there is text that reads: Be sure to include enterprise applications that are not included in the ERP application portfolio. There are also definitions of abbreviated terms at the bottom of the graphic.

    1.3.2 Draw your Workday system diagram (optional)

    1-3+ hours

    1. From the Workday application inventory, diagram your network. Include:
      • Any internal or external systems
      • Integration points
      • Data flow

    The image shows the flowchart section of th image that appears in the previous section.

    Download the Get the Most Out of Your Workday Workbook

    Sample Workday and integrations map

    The image shows a sample map of Workday and integrations. There is a colour-coded legend at the bottom right.

    Business capability map (Level 0)

    In business architecture, the primary view of an organization is known as a business capability map.

    A business capability defines what a business does to enable value creation, rather than how.

    Business capabilities:

    • Represent stable business functions.
    • Are unique and independent of each other.
    • Will typically have a defined business outcome.

    A business capability map provides details that help the business architecture practitioner direct attention to a specific area of the business for further assessment.

    The image shows a Business Capability Map, which is divided into 4 sections: Products and Services Development; Revenue Generation; Demand Fulfillment; and Enterprise Management and Planning

    The value stream

    Value stream defined:

    Value Streams:

    Design Product

    • Manufacturers work proactively to design products and services that will meet consumer demand.
    • Products are driven by consumer demand and government regulations.

    Produce Product

    • Production processes and labor costs are constantly analyzed for efficiencies and accuracies.
    • Quality of product and services are highly regulated through all levels of the supply chain.

    Sell Product

    • Sales networks and sales staff deliver the product from the organization to the end consumer.
    • Marketing plays a key role throughout the value stream connecting consumers’ wants and needs to the products and services offered.

    Customer Service

    • Relationships with consumers continue after the sale of products and services.
    • Continued customer support and data mining is important to revenue streams.

    Value streams connect business goals to the organization’s value realization activities in the marketplace. Those activities are dependent on the specific industry segment in which an organization operates. There are two types of value streams: core value streams and support value streams.

    • Core value streams are mostly externally facing. They deliver value to either an external or internal customer and they tie to the customer perspective of the strategy map.
    • Support value streams are internally facing and provide the foundational support for an organization to operate.

    Taking a value stream approach to process mapping allows you to move across departmental and system boundaries to understand the underlying business capability.

    Some mistakes organizations make are over-customizing processes, or conversely, not customizing when required. Workday provides good baseline process that work for most organizations. However, if a process is broken or not working efficiently take the time to investigate it, including underlying policies, roles, workflows, and integrations.

    Process frameworks

    Help define your inventory of sales, marketing, and customer services processes.

    Operating Processes
    1. Develop vision and strategy 2. Develop and manage products and services 3. Market and sell products and services 4. Deliver physical products 5. Deliver services
    Management and Support Processes
    6. Manage customer service
    7. Develop and manage human capital
    8. Manage IT
    9. Manage financial resources
    10. Acquire, construct, and manage assets
    11. Manage enterprise risk, compliance, remediation, and resiliency
    12. Manage external relationships
    13. Develop and manage business capabilities

    (APQC)

    If you do not have a documented process model, you can use the APQC Framework to help define your inventory of sales business processes.

    APQC’s Process Classification Framework is a taxonomy of cross-functional business processes intended to allow the objective comparison of organizational performance within and among organizations.

    APQC’s Process Classification Framework

    Process mapping hierarchy

    A process classification framework is helpful for organizations to effectively define their processes and manage them appropriately.

    Use Info-Tech’s related industry resources or publicly available process frameworks (such as APQC) to develop and map your business processes.

    These processes can then be mapped to supporting applications and modules. Policies, roles, and workflows also play a role and should be considered in the overall functioning.

    APQC’s Process Classification Framework

    The image shows a chart, titled PCL Levels Explained, with each of the PCF Levels listed, and a brief description of each.

    (APQC)

    Focus on level-1 processes

    Level 1 Level 2 Level 3 Level 4
    Market and sell products and services Understand markets, customers, and capabilities Perform customer and market intelligence analysis Conduct customer and market research
    Market and sell products and services Develop a sales strategy Develop a sales forecast Gather current and historic order information
    Deliver services Manage service delivery resources Manage service delivery resource demand Develop baseline forecasts
    ? ? ? ?

    Info-Tech Insight

    Focus your initial assessment on the level-1 processes that matter to your organization. This allows you to target your scant resources on the areas of optimization that matter most to the organization and minimize the effort required from your business partners.

    You may need to iterate the assessment as challenges are identified. This allows you to be adaptive and deal with emerging issues more readily and become a more responsive partner to the business.

    Process mapping and supporting ERP modules

    The operating model

    An operating model is a framework that drives operating decisions. It helps to set the parameters for the scope of ERP and the processes that will be supported. The operating model will serve to group core operational processes. These groupings represent a set of interrelated, consecutive processes aimed at generating a common output.

    From your developed processes and your Workday license agreements you will be able to pinpoint the scope for investigation, including the processes and modules.

    The image shows three images, overlapping one another. At the back is a chart with three sections, and boxes beneath. In front of that is a graphic with Objectives, Value Streams, Capabilities, and Processes written down the left side, and descriptions on the right. Below that image is an arrow pointing downward to the text Supporting Workday Modules. In front is a circular graphic with the word Workday in the centre, and circles with text in them around it.

    Workday modules and process enablement

    Workday Finance

    • Accounts Receivable and Collections
    • Accounts Payable and Payments
    • Asset Management
    • Audit and Controls
    • Billing and Invoicing
    • Cash Management
    • Contracts
    • Financial Reporting and Analysis
    • [Global] Close and Consolidation
    • Multi-GAAP/Multi-book/Multi-chart of Accounts
    • Revenue Management

    Spend Management

    • Strategic Sourcing
    • Procure to Pay
    • Inventory
    • Expenses

    Professional Services Automation

    • Project and Resource Management
    • Project Financials
    • Project Billing
    • Expense Management
    • Time Tracking

    Enterprise Planning

    • Financial planning
    • Reporting
    • Analytics
    • Budgets
    • Insights
    • Workforce planning
    • Sales planning
    • Operational planning

    Analytics and Reporting

    • Financial Management Core Reporting
    • Human Capital Management Core Reporting
    • Benchmarking
    • Data Hub
    • Augmented Analytics

    Student

    • Admissions
    • Financial Aid
    • Advising
    • Student Finance
    • Student Records

    Human Capital Management (HCM)

    • Human Resource Management
    • Organization Management
    • Business Process Management
    • Reporting and Analytics
    • Employee and Manager Self-Service
    • Contingent Labor Management
    • Skills Cloud
    • Absence Management
    • Benefits Administration
    • ACA Management
    • Compensation
    • Talent Optimization

    Payroll and Workforce Management

    • Scheduling and Labor Management
    • Time and Attendance
    • Absence
    • Payroll

    Employee Experience

    • Employee Engagement Insights
    • Diversity, Inclusion, and Belonging Measurement
    • Health and Well-Being Metrics
    • Back-to-Workplace Readiness
    • Confidential Employee-Manager Conversations
    • Attrition Prediction
    • Continuous Industry Benchmarks

    Talent and Performance

    • Talent Profile
    • Continuous Feedback
    • Survey Campaigns
    • Embedded Analytics
    • Goal Management
    • Performance Management
    • Talent Review
    • Calibration
    • Competencies
    • Career and Development Planning
    • Succession Planning
    • Talent Marketplace
    • Mobile
    • Expenses

    1.3.3 Inventory your Workday modules and business capabilities

    1-3+ hours

    1. Look at the major functions or processes within the scope of ERP.
    2. From the inventory of current systems, choose the submodules or processes that you want to investigate and are within scope for this optimization initiative.
    3. List the top modules, capabilities, or processes that will be within the scope of this optimization initiative.

    Record this information in the Get the Most Out of Your Workday Workbook.

    Download the Get the Most Out of Your Workday Workbook

    1.3.4 Define your key Workday optimization modules and business capabilities

    1-3+ hours

    1. Look at the major functions or processes within the scope of ERP.
    2. From the inventory of current systems, choose the submodules or processes for this optimization initiative. Base this on those that are most critical to the business, those with the lowest levels of satisfaction, or those that perhaps need more knowledge around them.

    Record this information in the Get the Most Out of Your Workday Workbook.

    Download the Get the Most Out of Your Workday Workbook

    Step 1.4

    Define Optimization Timeframe

    Activities

    1.4.1 Define Workday Key Dates, and Workday Optimization Roadmap Timeframe and Structure

    Map Current-State Capabilities

    Step 1.1

    Step 1.2

    Step 1.3

    Step 1.4

    Step 1.5

    This step will guide you through the following activities:

    • Defining key dates related to your optimization initiative
    • Identifying key building blocks for your optimization roadmap

    This step involves the following participants:

    • Workday Optimization Team
    • Vendor Management

    Outcomes of this step

    • Optimization Key Dates
    • Optimization Roadmap Timeframe and Structure

    1.4.1 Optimization roadmap timeframe and structure

    1-3+ hours

    1. Key items and dates relevant to your optimization initiatives, such as any products reaching end of life or end of contract, or budget proposal submission deadlines.
    2. Enter the expected Optimization Initiative Start Date.
    3. Enter the Roadmap Length. This is the total amount of time you expect to participate in the Workday Optimization Initiative. This includes short-, medium-, and long-term initiatives.
    4. Enter your Roadmap Date markers – how you want dates displayed on the roadmap.
    5. Enter column time values – what level of granularity will be helpful for this initiative?
    6. Enter the sprint or cycle timeframe – use this if following Agile.

    Record this information in the Get the Most Out of Your Workday Workbook.

    Download the Get the Most Out of Your Workday Workbook

    Step 1.5

    Understand Workday Costs

    Activities

    1.5.1 Document Costs Associated With Workday

    Map Current-State Capabilities

    Step 1.1

    Step 1.2

    Step 1.3

    Step 1.4

    Step 1.5

    This step will walk you through the following activities:

    • Define your Workday direct and indirect costs
    • List your Workday expense line items

    This step involves the following participants:

    • Finance representatives
    • Workday Optimization Team

    Outcomes of this step

    • Current Workday and related costs

    1.5.1 Document costs associated with Workday

    1-3 hours

    Before you can make changes and optimization decisions, you need to understand the high-level costs associated with your current application architecture. This activity will help you identify the types of technology and people costs associated with your current systems.

    1. Identify the types of technology costs associated with each current system:
      1. System Maintenance
      2. Annual Renewal
      3. Licensing
    2. Identify the cost of people associated with each current system:
      1. Full-Time Employees
      2. Application Support Staff
      3. Help Desk Tickets

    Record this information in the Get the Most Out of Your Workday Workbook.

    Download the Get the Most Out of Your Workday Workbook

    Phase 2

    Assess Your Current State

    Phase 1

    1.1 Identify Stakeholders and Build Your Optimization Team

    1.2 Build an ERP Strategy Model

    1.3 Inventory Current System State

    1.4 Define Optimization Timeframe

    1.5 Understand Workday Costs

    Phase 2

    2.1 Assess Workday Capabilities

    2.2 Review Your Satisfaction With the Vendor/Product and Willingness for Change

    Phase 3

    3.1 Prioritize Optimization Opportunities

    3.2 Discover Optimization Initiatives

    Phase 4

    4.1 Build Your Optimization Roadmap

    This phase will guide you through the following activities:

    • Determine process relevance
    • Perform a gap analysis
    • Perform a user satisfaction survey
    • Assess software and vendor satisfaction

    This phase involves the following participants:

    • Workday Optimization Team
    • Users across functional areas of your ERP and related technologies

    Step 2.1

    Assess Workday Capabilities

    Activities

    2.1.1 Rate Capability Relevance to Organizational Goals

    2.1.2 Complete a Workday Application Portfolio Assessment

    2.1.3 (Optional) Assess Workday Process Maturity

    Assess Workday Capabilities

    Step 2.1

    Step 2.2

    This step will guide you through the following activities:

    • Capability Relevance
    • Process Gap Analysis
    • Application Portfolio Assessment

    This step involves the following participants:

    • Workday Users

    Outcomes of this step

    • Workday Capability Assessment

    Benefits of the Application Portfolio Assessment

    Assess the health of the application portfolio

    • Get a full 360-degree view of the effectiveness, criticality, and prevalence of all relevant applications to get a comprehensive view of the health of the applications portfolio.
    • Identify opportunities to drive more value from effective applications, retire nonessential applications, and immediately address at-risk applications that are not meeting expectations.

    Provide targeted department feedback

    • Share end-user satisfaction and importance ratings for core IT services, IT communications, and business enablement to focus on the right end-user groups or lines of business, and ramp up satisfaction and productivity.

    Gain insight into the state of data quality

    • Data quality is one of the key issues causing poor ERP user satisfaction and business results. This can include the relevance, accuracy, timeliness, or usability of the organization’s data.
    • Targeted, open-ended feedback around data quality will provide insight into where optimization efforts should be focused.

    2.1.1 Complete a current state assessment (via the Application Portfolio Assessment)

    3 hours

    Option 1: Use Info-Tech’s Application Portfolio Assessment to generate your user satisfaction score. This tool not only measures application satisfaction but also elicits great feedback from users regarding the support they receive from the IT team around Workday.

    1. Download the Workday Application Inventory Tool.
    2. Complete the “Demographics” tab (tab 2).
    3. Complete the “Inventory” tab (tab 3).
      1. Complete the inventory by treating each module within your Workday system as an application.
      2. Treat every department as a separate column in the department section. Feel free to add, remove, or modify department names to match your organization.
      3. Include data quality for all applications applicable.

    Option 2: Create a survey manually.

    1. Use tab Reference 2.1 “APA Questions” as a guide for creating your survey.
    2. Send out surveys to end users.
    3. Modify tab 2.1 “Workday Assessment” if required.

    Record this information in the Get the Most Out of Your Workday Workbook.

    Download the Get the Most Out of Your Workday Workbook

    Content for New section Tag Goes HereThe image shows a number of charts relating to applications, such as Overall Applications Portfolio Satisfaction and Most Critical Applications. Data is shown in each category relating to number of users, usability, data quality, status, and others.

    2.1.2 Complete the Application Portfolio Assessment

    3 hours

    Option 1: Use Info-Tech’s Application Portfolio Assessment to generate your user satisfaction score. This tool not only measures application satisfaction but also elicits great feedback from users regarding the support they receive from the IT team around Workday.

    1. Download the Workday Application Inventory Tool.
    2. Complete the “Demographics” tab (tab 2).
    3. Complete the “Inventory” tab (tab 3).
      1. Complete the inventory by treating each module within your Workday system as an application.
      2. Treat every department as a separate column in the department section. Feel free to add, remove, or modify department names to match your organization.
      3. Include data quality for all applications applicable.

    Option 2: Create a survey manually.

    1. Use tab Reference 2.1 “APA Questions” as a guide for creating your survey.
    2. Send out surveys to end users.
    3. Modify tab 2.1 “Workday Assessment” if required.

    Record this information in the Get the Most Out of Your Workday Workbook.

    Download the Get the Most Out of Your Workday Workbook

    2.1.3 (Optional) Assess Workday process maturity

    1. As with any ERP system, the issues encountered may not be related to the system itself but processes that have developed over time.
    2. Use this opportunity to interview key stakeholders to learn about deeper capability processes.
      1. Identify key stakeholders.
      2. Hold sessions to document deeper processes.
      3. Discuss processes and technical enablement in each area.

    Record this information in the Get the Most Out of Your Workday Workbook.

    Download the Get the Most Out of Your Workday Workbook

    Process Maturity Assessment

    Process Assessment

    Strong

    Moderate

    Weak

    1.1 Financial Planning and Analysis

    1.2 Accounting and Financial Close

    1.3 Treasury Management

    1.4 Financial Operations

    1.5 Governance, Risk & Compliance

    2.1 Core HR

    Description All aspects related to financial operations
    Key Success Indicators Month-end reporting in 5 days AR at risk managing down (zero over 90 days) Weekly operating cash flow updates
    Timely liquidity for claims payments Payroll audit reporting and insights reporting 90% of workflow tasks captured in ERP
    EFT uptake Automated reconciliations Reduce audit hours required
    Current Pain Points A lot of voided and re-issued checks NIDPP Integration with banks; can’t get the information back into existing ERP
    There is no payroll integration No payroll automation and other processes Lack of integration with HUB
    Not one true source of data Incentive payment processing Rewards program management
    Audit process is onerous Reconcile AP and AR for dealers

    Stakeholders Interviewed:

    The process is formalized, documented, optimized, and audited.

    The process is poorly documented. More than one person knows how to do it. Inefficient and error-prone.

    The process is not documented. One person knows how to do it. The process is ad hoc, not formalized, inconsistent.

    Capability Processes:

    General Ledger

    Accounts Receivable

    Incentives Management

    Accounts Payable

    General Ledger Consolidation

    Treasury Management

    Cash Management

    Subscription / recurring payments

    Treasury Transactions

    Step 2.2

    Review Your Satisfaction With the Vendor/Product and Willingness for Change

    Activities

    2.2.1 Rate Your Vendor and Product Satisfaction

    2.2.2 Review Workday Product Scores (if applicable)

    2.2.3 Evaluate Your Product Satisfaction

    2.2.4 Check Your Business Process Change Tolerance

    Product Satisfaction

    Step 2.1

    Step 2.2

    This step will guide you through the following activities:

    • Rate your vendor and product satisfaction
    • Compare with survey data from SoftwareReviews

    This step involves the following participants:

    • Workday Product Owner(s)
    • Procurement Representative
    • Vendor Contracts Manager

    Outcomes of this step

    • Quantified satisfaction with vendor and product

    2.2.1 Rate your vendor and product satisfaction

    30 minutes

    Use Info-Tech’s vendor satisfaction survey to identify optimization areas with your ERP product(s) and vendor(s).

    1. Option 1 (recommended): Conduct a satisfaction survey using SoftwareReviews. This option allows you to see your results in the context of the vendor landscape.
    2. Option 2: Use the Get the Most Out of Your Workday Workbook to review your satisfaction with your Workday software.

    Record this information in the Get the Most Out of Your Workday Workbook

    SoftwareReviews’ Enterprise Resource Planning Category

    Download the Get the Most Out of Your Workday Workbook

    2.2.2 Review Workday product scores (if applicable)

    30 minutes

    1. Download the scorecard for your Workday product from the SoftwareReviews website. (Note: Not all products are represented or have sufficient data, so a scorecard may not be available.)
    2. Use the Get the Most Out of Your Workday Workbook tab 2.3 to record the scorecard results.
    3. Use your Get the Most Out of Your Workday Workbook to flag areas where your score may be lower than the product scorecard. Brainstorm ideas for optimization.

    Record this information in the Get the Most Out of Your Workday Workbook.

    SoftwareReviews’ Enterprise Resource Planning Category

    Download the Get the Most Out of Your Workday Workbook

    2.2.3 How does your satisfaction compare with your peers?

    Use SoftwareReviews to explore product features, vendor experience, and capability satisfaction.

    The image shows two data quadrants, one titled Enterprise Resource Planning - Enterprise, and Enterprise Resource Planning - Midmarket.

    (SoftwareReviews ERP Mid-Market, 2022; SoftwareReviews ERP Enterprise, 2022)

    2.2.4 Check your business process change tolerance

    1 hours

    Input

    • Business process capability map

    Output

    • Heat map of risk areas that require more attention to validate best practices or minimize customization

    Materials

    • Whiteboard/flip charts
    • Get the Most Out of Your Workday Workbook

    Participants

    • Implementation team
    • SMEs
    • Departmental Leaders
    1. As a group, list your level-0 and level-1 business capabilities. Sample on the next slide.
    2. Assess the department’s willingness for change and the risk of maintaining the status quo.
    3. Color-code the level-0 business capabilities based on:
      1. Green – Willing to follow best practices
      2. Yellow – May be challenging or unique business model
      3. Red – Low tolerance for change

    Record this information in the Get the Most Out of Your Workday Workbook

    Heat map representing desire for best practice or those having the least tolerance for change

    Legend:

    Willing to follow best practice

    May be challenging or unique business model

    Low tolerance for change

    Out of Scope

    Product-Centric Capabilities
    R&D Production Supply Chain Distribution Asset Mgmt
    Idea to Offering Plan to Produce Procure to Pay Forecast to Delivery Acquire to Dispose
    Add/Remove Shop Floor Scheduling Add/Remove Add/Remove Add/Remove
    Add/Remove Product Costing Add/Remove Add/Remove Add/Remove
    Service-Centric Capabilities
    Finance HR Marketing Sales Service
    Record to Report Hire to Retire Market to Order Quote to Cash Issue to Resolution
    Add/Remove Add/Remove Add/Remove Add/Remove Add/Remove
    Add/Remove Add/Remove Add/Remove Add/Remove Add/Remove

    Determine the areas of risk to conform to best practice and minimize customization. These will be areas needing focus from the vendor, supporting change and guiding best practice.

    For example: Must be able to support our unique process manufacturing capabilities and enhance planning and visibility to detailed costing.

    Phase 3

    Identify Key Optimization Opportunities

    Phase 1

    1.1 Identify Stakeholders and Build Your Optimization Team

    1.2 Build an ERP Strategy Model

    1.3 Inventory Current System State

    1.4 Define Optimization Timeframe

    1.5 Understand Workday Costs

    Phase 2

    2.1 Assess Workday Capabilities

    2.2 Review Your Satisfaction With the Vendor/Product and Willingness for Change

    Phase 3

    3.1 Prioritize Optimization Opportunities

    3.2 Discover Optimization Initiatives

    Phase 4

    4.1 Build Your Optimization Roadmap

    This phase will walk you through the following activities:

    • Identify key optimization areas
    • Create an optimization roadmap

    This phase involves the following participants:

    • Workday Optimization Team

    Step 3.1

    Prioritize optimization opportunities

    Activities

    3.1.1 Prioritize Optimization Capability Areas

    Build Your Optimization Roadmap

    Step 3.1

    Step 3.2

    This step will guide you through the following activities:

    • Explore existing process gaps
    • Identify the impact of processes on user satisfaction
    • Identify the impact of data quality on user satisfaction
    • Review your overall product satisfaction and vendor management

    This step involves the following participants:

    • Workday Optimization Team

    Outcomes of this step

    • Application optimization plan

    Info-Tech Insight

    Enabling a high-performing organization requires excellent management practices and continuous optimization efforts. Your technology portfolio and architecture are important, but we must go deeper. Taking a holistic view of ERP technologies in the environments in which they operate allows for the inclusion of people and process improvements – this is key to maximizing business results. Using a formal ERP optimization initiative will drive business-IT alignment, identify IT automation priorities, and dig deep into continuous process improvement.

    Address process gaps:

    • ERP and related technologies are invaluable to the goal of organizational enablement, but they must have supported processes driven by business goals.
    • Identify areas where capabilities need to be improved and work toward optimization.

    Support user satisfaction:

    • The best technology in the world won’t deliver business results if it’s not working for the users who need it.
    • Understand concerns, communicate improvements, and support users in all roles.

    Improve data quality:

    • Data quality is unique to each business unit and requires tolerance, not perfection.
    • Implement data quality initiatives that are aligned with overall business objectives and aimed at addressing data practices and the data itself.

    Proactively manage vendors:

    • Vendor management is a critical component of technology enablement and IT satisfaction.
    • Assess your current satisfaction against that of your peers and work toward building a process that is best fit for your organization.

    Assessing application business value

    The Business

    Keepers of the organization’s mission, vision, and value statements that define IT success. The business maintains the overall ownership and evaluation of the applications.

    Business Value of Applications

    IT

    Technical subject matter experts of the applications they deliver and maintain. Each IT function works together to ensure quality applications are delivered to stakeholder expectations.

    First, the authorities on business value need to define and weigh their value drivers that describe the priorities of the organization. This will allow the applications team to apply a consistent, objective, and strategically aligned evaluation of applications across the organization.

    In this context…

    business value is

    the value of the business outcome that the application produces. Additionally, it is how effective the application is at producing that outcome.

    Business value IS NOT

    the user’s experience or satisfaction with the application.

    Brainstorm IT initiatives to enable high areas of opportunity to support the business

    Create or Improve:

    • ERP Capabilities
    • Optimization Initiatives

    Capabilities are what the system and business do that creates value for the organization.

    Optimization initiatives are projects with a definitive start and end date, and they enhance, create, maintain, or remove capabilities with the goal of increasing value.

    Brainstorm ERP optimization initiatives in each area. Ensure you are looking for all-encompassing opportunities within the context of IT, the business, and Workday systems.

    • Process
    • Technology
    • Organization

    Discover the value drivers of your applications

    Financial vs. Human Benefits

    Financial benefits refer to the degree to which the value source can be measured through monetary metrics and are often quite tangible.

    Human benefits refer to how an application can deliver value through a user’s experience.

    Inward vs. Outward Orientation

    Inward refers to value sources that have an internal impact and improve your organization’s effectiveness and efficiency in performing its operations.

    Outward refers to value sources that come from your interaction with external factors, such as the market or your customers.

    The image shows a business value matrix, with Human benefit and Financial benefit in the horizontal and Outward and Inward on the vertical. In the top left quadrant is Reach Customers; top right is Increase Revenue or Deliver Value; bottom left is Enhance Services, and bottom right is Reduce Costs.

    The image shows a graph titled Perceived business benefits from using digital tools. It is a bar graph, showing percentages assigned to each perceived benefit. The source is Collins et al, 2017.

    Increased Revenue

    Application functions that are specifically related to the impact on your organization’s ability to generate revenue and deliver value to your customers.

    Reduced Costs

    Reduction of overhead. The ways in which an application limits the operational costs of business functions.

    Enhanced Services

    Functions that enable business capabilities that improve the organization’s ability to perform its internal operations.

    Reach Customers

    Application functions that enable and improve the interaction with customers or produce market information and insights.

    Prioritize Workday optimization areas that will bring the most value to the organization

    Review your ERP capability areas and rate them according to relevance to organizational goals. This will allow you to eliminate optimization ideas that may not bring value to the organization.

    The image shows a graph, separated into quadrants. On the x-axis is Satisfaction, from low to high, and on the Y-axis is Relevant to Organizational Goals from Low to High. The top left quadrant is High Priority, top right is Maintain, and the two lower quadrants are both low priority.

    Value vs. Effort

    How important is it? vs. How difficult is it?

    How important is it? How Difficult is it?

    What is the value?

    • Increase revenue
    • Decrease costs
    • Enhanced services
    • Reach customers

    What is the benefit?

    • How can it help us reach our goals?

    What is the impact?

    • To organizational goals
    • To ERP goals
    • To departmental goals

    What is the cost?

    • Hours x Rates ++ =

    What is the level of effort?

    • Development effort
    • Operational effort
    • Implementation effort
    • Outside resource coordination

    What is the risk of implementing/not implementing?

    What is the complexity?

    (Roadmunk)

    RICE method

    Measure the “total impact per time worked”

    The image shows a graphic with the word Confidence at the top, then an arrow pointing upwards that reads Impact. Below that, there is an arrow pointing horizontally in both directions that reads Reach, and then a horizontal line, with the word Effort below it.

    Reach Impact Confidence Effort

    How many people will this improvement impact? Internal: # of users OR # of transactions per period

    External: # of customers OR # of transactions per period

    What is the scale of impact? How much will the improvement affect satisfaction?

    Example Weighting:

    1 = Massive Impact

    2 = High Impact

    1 = Medium Impact

    0.5 = Low Impact

    0.25 = Very Low Impact

    How confident are we that the improvements are achievable and that they will meet the impact estimates?

    Example Weighting:

    1 = High Confidence

    0.80 = Medium Confidence

    0.50 = Low Confidence

    How much investment will be required to implement the improvement initiative?

    FTE hours x cost per hour

    (Intercom)

    3.1.1 Prioritize and rate optimization capability areas

    1-3 hours

    1. Use tab 3.1 Optimization Priorities.
    2. From the Workday Key Capabilities (pulled from tab 1.3 Key Capabilities), discuss areas of scope for the Workday optimization initiative.
    3. Discuss the four areas of the business value matrix and identify how each module, along with organizational goals, can bring value to the organization.
    4. Rate each of your Workday capabilities for the level of importance to your organization. The levels of importance are:
      • Crucial
      • Important
      • Secondary
      • Unimportant
      • Not applicable

    Record this information in the Get the Most Out of Your Workday Workbook.

    Download the Get the Most Out of Your Workday Workbook

    Step 3.2

    Discover Optimization Initiatives

    Activities

    3.2.1 Discover Product and Vendor Satisfaction Opportunities

    3.2.2 Discover Capability and Feature Optimization Opportunities

    3.2.3 Discover Process Optimization Opportunities

    3.2.4 Discover Integration Optimization Opportunities

    3.2.5 Discover Data Optimization Opportunities

    3.2.6 Discover Workday Cost-Saving Opportunities

    Build Your Optimization Roadmap

    Step 3.1

    Step 3.2

    This step will guide you through the following activities:

    • Explore existing process gaps
    • Identify the impact of processes on user satisfaction
    • Identify the impact of data quality on user satisfaction
    • Review your overall product satisfaction and vendor management

    This step involves the following participants:

    • Workday Optimization Team

    Outcomes of this step

    • Application optimization plan
    Content for New section Tag Goes HereThe image shows a graphic title Product Feature Satisfaction, showing features in rank order and data on each.
    Content for New section Tag Goes HereThe image shows a graphic titled Vendor Capability Satisfaction, showing features in rank order with related data.

    Workday’s partner landscape

    Workday uses an extensive partner network to help deliver results.

    ADVISORY PARTNERS

    Workday Advisory Partners have in-depth knowledge to help customers determine what’s best for their needs and how to maximize business value. They guide you through digital acceleration strategy and planning, product selection, change management, and more.

    SERVICES PARTNERS

    Workday Services Partners represent a curated community of global systems integrators and regional firms that help companies deploy Workday and continually adopt new capabilities.

    SOFTWARE PARTNERS

    Workday Software Partners are a global ecosystem of application, content, and technology software companies that design, build, and deploy solution extensions to help customers enhance the capabilities of Workday.

    Global payroll PARTNERS

    Workday’s Global Payroll Cloud (GPC) program makes it easy to expand payroll (outside of the US, Canada, the UK, and France) to third-party payroll providers around the world using certified, prebuilt integrations from Workday Partners. Payroll partners provide solutions in more than 100 countries.

    Adaptive planning PARTNERS

    Adaptive planning partners guide you through all aspects of everything from integration to deployment.

    With large-scale ERP and HCM systems, the success of the system can be as much about the SI (Systems Integrator) or vendor partners as it is about the core product.

    In evaluating your Workday system, think about Workday’s extensive partner network to understand how you can capitalize on your installation.

    You do not need to reinvent the system; you may just need an additional service partner or bolt-on solution to round out your product functionality.

    Improving vendor management

    Create a right-size, right-fit strategy for managing the vendors relevant to your organization.

    The image shows a matrix, with strategic value on the x-axis from low to high, and Vendor Spend/Switching Costs on the y-axis, from low to high. In the top left is Operational, top right is Strategic; lower left is commodity; and lower right Tactical.

    Info-Tech Insight

    A vendor management initiative is an organization’s formalized process for evaluating, selecting, managing, and optimizing third-party providers of goods and services.

    The amount of resources you assign to managing vendors depends on the number and value of your organization’s relationships. Before optimizing your vendor management program around the best practices presented in Info-Tech’s Jump Start Your Vendor Management Initiative blueprint, assess your current maturity and build the process around a model that reflects the needs of your organization.

    Note: Info-Tech uses VMI interchangeably with the terms “vendor management office (VMO),” “vendor management function,” “vendor management process,” and “vendor management program.”

    Jump Start Your Vendor Management Initiative

    3.2.1 Discover product and vendor satisfaction

    1-2 hours

    1. Review tab 2.2 Vend. & Prod. Sat. to review the overall Product (and Vendor) satisfaction of your Workday system.
    2. Use tab 3.2 Optimization Initiatives to answer the following questions in the Overall Product (and Vendor) Evaluation area.
      • Document overall product satisfaction.
      • How does your satisfaction compare with your peers?
      • Is the overall system fit for use?
      • Do you have a proactive vendor management strategy in place?
      • Is the product dissatisfaction at the point that you need to evaluate if it is time to replace the product?
      • Could your vendor or SI help you achieve better results?

    Record this information in the Get the Most Out of Your Workday Workbook.

    The image shows a box with text in it, titled 3.2.1 Overall Product (and Vendor) Evaluation.

    Download the Get the Most Out of Your Workday Workbook

    Content for New section Tag Goes HereThe image is a graphic, with the Five Most Critical Applications section at the top, with related data, and other sets of data included in smaller text at the bottom of the image.

    3.2.2 Discover capability and feature optimization opportunities

    1-2 hours

    1. Review tab 2.2 Vend. & Prod. Sat. and tab 3.1 Optimization Priorities to review the satisfaction with the capabilities and features of your Workday system.
    2. Use tab 3.2 Optimization Initiatives to answer the following questions in the Capabilities and Features Evaluation area to answer the following questions:
      • What capabilities and features are performing the worst?
      • Do other organizations and users struggle with these areas?
      • Why is it not performing well?
      • Is there an opportunity for improvement?
      • What are some optimization initiatives that could be undertaken?

    Record this information in the Get the Most Out of Your Workday Workbook

    The image is a box with text in it, titled 3.2.2 Capabilities and Features Evaluation.

    Download the Get the Most Out of Your Workday Workbook

    Process optimization: the hidden goldmine

    Know your strategic goals and KPIs that will deliver results.

    Goals of Process Improvement Process Improvement Sample Areas Improvement Possibilities
    • Optimize business and improve value drivers
    • Reduce TCO
    • Reduce process complexity
    • Eliminate manual processes
    • Increase efficiencies
    • Support digital transformation and enablement
    • Order to cash
    • Procure to pay
    • Order to replenish
    • Plan to produce
    • Request to settle
    • Make to order
    • Make to stock
    • Purchase to order
    • Increase number of process instances processed successfully end to end
    • Increase number of instances processed in time
    • Increase degree of process automation
    • Speed up cycle times of supply chain processes
    • Reduce number of process exceptions
    • Apply internal best practices across organizational units

    3.2.3 Discover process optimization opportunities

    1-2 hours

    1. Use tab 3.1 Optimization Priorities and tab 2.2 Bus Proc Change Tolerance to review process optimization opportunities.
    2. Use tab 3.2 Optimization Initiatives to answer the following questions in the Capabilities and Features Evaluation area to answer the following questions:
      • List underperforming capabilities around process.
      • Answer the following:
        • What is the state of the current processes?
        • Is there an opportunity for process improvement?
        • What are some optimization initiatives that could be undertaken in this area?

    Record this information in the Get the Most Out of Your Workday Workbook.

    The image shows a box with text in it, titled Processes Optimization.

    Download the Get the Most Out of Your Workday Workbook

    Integration provides long-term usability

    Balance the need for secure, compliant data availability with organizational agility.

    The benefits of integration

    • The largest benefit is the extended use of data. The ERP data can be used in the enterprise-level business intelligence suite rather than the application-specific analytics.
    • Enhanced data security. Integrated approaches lend themselves to auditable processes such as sign-on and limit the email movement of data.
    • Regulatory compliance. Large multi-site organizations have many layers of regulation. A clear understanding of where orders, deliveries, and payments were made streamlines the audit process.

    The challenges of integration

    • Extending a single instance ERP to multiple sites. The challenge for data management is the same as any SaaS application. The connection and data replication present challenges.
    • Combining data from equally high-volume systems. For Workday it is recommended that one instance is set to primary and all other sites are read-only to maintain data integrity.
    • Incorporating data from the separate system(s). The proprietary and locked-in nature of the data collection and definitions for ERP systems often limit the movement of data between separate systems.

    Common integration and consolidation scenarios

    Financial Consolidation Data Backup Synchronization Across Sites Legacy Consolidation
    • Financial consolidation requires a holistic view of data format and accounting schedules
    • Problem: Controlling financial documentation across geographic regions. Most companies are required to report in each region where they maintain a presence. Stakeholders and senior management also need a holistic view. This leads to significant strain on the financial department to consolidate both revenue and budget allocations for cross-site projects across the various geographic locations on a regular basis.
    • Solution: For enterprises with a single vendor or Workday-only portfolios, Workday can offer integration tools. For those needing to integrate with other ERPs the use of a connector may be required to send financial data to the main system. The format and accounting calendar for transactions should match the primary ERP system to allow consolidation. The local specific format should be a role-based customization at the level of the site’s specific instance.
    • Use a data center as the main repository to ensure all geographic locations have equal access to the necessary data.
    • Problem: ERP systems generate high volumes of data. Most systems have a defined schedule of back-up during off-hours. Multi-instance brings additional issues through lack of defined off-hours, higher volume of data, and the potential for cross-site or instance data relationships. This leads to headaches for both the Database Administrator and Business Analysts.
    • Solution: The best solution is an offsite data center with high availability. This may include cloud storage or hosted data centers. Regardless of where the data is stored, centralize the data and replicate to each site. Ensure that the data center can mirror the database and Binary Large Object (BLOB) storage that exists for each site.
    • Set up synchronization schedules based on data usage, not site location.
    • Problem: Providing access to up-to-date transactions requires copying of both contextual information (permissions, timestamp, location, history) and the transaction itself across multiple sites to allow local copies to be used for analysis and audits. The sheer volume of information makes timely synchronization difficult.
    • Solution: Not all data needs to be synchronized in a timely fashion. In Workday, administrators can use NetWeaver to maintain and alter global data synchronization through the Master Data Management module. Permissions can be given to users to perform on-demand synchronization of data attached to that user.
    • Carefully define older transactions. Only active transactions should be brought in the ERP. Send older data to storage.
    • Problem: Subsidiaries and acquired companies often have a Tier 2 ERP product. Prior to fully consolidating the processes, many enterprises will want to migrate data to their ERP system to build compliance and audit trails. Migration of data often breaks historical linkages between transactions.
    • Solution: Workday offers tools to integrate data across applications that can be used as part of a data migration strategy. The process of data migration should be combined with data warehousing to ensure a cost-effective process. For most enterprises, the lack of experience in data migration will necessitate the use of consultants and Independent Software Vendors (ISV).

    For more information: Implement a Multi-site ERP

    3.2.4 Discover integration optimization opportunities

    1-2 hours

    1. Use tab 3.2 Optimization Initiatives to answer the following questions in the Integration Evaluation area:
      1. Are there some areas where integration could be improved?
      2. Is there an opportunity for process improvement?
      3. What are some optimization initiatives that could be undertaken in this area?

    Record this information in the Get the Most Out of Your Workday Workbook.

    The image shows a box with text in it, titled Integration Evaluation.

    Download the Get the Most Out of Your Workday Workbook

    Use a data strategy that fixes the enterprise-wide data management issues

    Your data management must allow for flexibility and scalability for future needs.

    IT has several concerns around ERP data and wide dissemination of that data across sites. Large organizations can benefit from building a data warehouse or at least adopting some of the principles of data warehousing. The optimal way to deal with the issue of integration is to design a metadata-driven data warehouse that acts as a central repository for all ERP data. This serves as the storage facility for millions of transactions, formatted to allow analysis and comparison.

    Key considerations:

    • Technical: At what stage does data move to the warehouse? Can processes be automated to dump data or to do a scheduled data movement?
    • Process: Data integration requires some level of historical context for all data. Ensure that all data has multiple metadata tags to future-proof the data.
    • People: Who will be accessing the data and what are the key items that users will need to adapt to the data warehouse process?

    Info-Tech Insight

    Data warehouse solutions can be expensive. See Info-Tech’s Build a Data Warehouse on a Solid Foundation for guidance on what options are available to meet your budget and data needs.

    Optimizing Workday data, additional considerations

    Data Quality Management Effective Data Governance Data-Centric Integration Strategy Extensible Data Warehousing
    • Prevention is 10x cheaper than remediation. Stop fixing data quality with band-aid solutions and start fixing at the source of the problem.
    • Data quality is unique to each business unit and requires tolerance, not perfection. If the data allows the business to operate at the desired level, don’t waste time fixing data that may not need to be fixed.
    • Implement a set of data quality initiatives that are aligned with overall business objectives and aimed at addressing data practices and the data itself.
    • Develop a prioritized data quality improvement project roadmap and long-term improvement strategy.
    • Build related practices with more confidence and less risk after achieving an appropriate level of data quality.
    • Data governance enables data-driven insight. Think of governance as a structure for making better use of data.
    • Collaboration is critical. The business may own the data, but IT understands the data. Data governance will not work unless the business and IT work together.
    • Data governance powers the organization up the data value chain through policies and procedures, master data management, data quality, and data architecture.
    • Create a roadmap to prioritize initiatives and delineate responsibilities among data stewards, data owners, and the data governance steering committee.
    • Ensure buy-in from business and IT stakeholders. Communicate initiatives to end users and executives to reduce resistance.
    • Every enterprise application involves data integration. Any change in the application and database ecosystem requires you to solve a data integration problem.
    • Data integration is becoming more and more critical for downstream functions of data management and for business operations to be successful. Poor integration holds back these critical functions.
    • Build your data integration practice with a firm foundation in governance and a reference architecture. Ensure that your process is scalable and sustainable.
    • Support the flow of data through the organization and meet the organization’s requirements for data latency, availability, and relevancy.
    • Data availability must be frequently reviewed and repositioned to continue to grow with the business.
    • A data warehouse is a project, but successful data warehousing is a program. An effective data warehouse requires planning beyond the technology implementation.
    • Governance, not technology, needs to be the core support system for enabling a data warehouse program.
    • Leverage an approach that focuses on constructing a data warehouse foundation that can address a combination of operational, tactical, and ad hoc business needs.
    • Invest time and effort to put together pre-project governance to inform and guide your data warehouse implementation.
    • Select the most suitable architecture pattern to ensure the data warehouse is “built right” at the very beginning.

    Build Your Data Quality Program

    Establish Data Governance

    Build a Data Integration Strategy

    Build an Extensible Data Warehouse Foundation

    3.2.5 Discover data optimization opportunities

    1-2 hours

    1. Use your 2.1 APA survey and/or tab 2.2 Vendor & Prod Sat to better understand issues related to data.
    • Note: Data issues happen for a number of reasons:
      • Poor underlying data in the system
      • More than one source of truth
      • Inability to consolidate data
      • Inability to measure KPIs (key performance indicators) effectively
      • Reporting that is cumbersome or non-existent
  • Use tab 3.2 Optimization Initiatives to answer the following questions in the Data Evaluation area:
    • What are some underlying issues?
    • Is there an opportunity for data improvement?
    • What are some optimization initiatives that could be undertaken in this area?
  • Record this information in the Get the Most Out of Your Workday Workbook.

    The image shows a box with text in it, titled 3.2.5 Data Evaluation.

    Download the Get the Most Out of Your Workday Workbook

    Content for New section Tag Goes HereThe image shows a graphic, with a bar graph at the bottom, showing Primary Reason for Leaving Workday Human Capital Management.

    Info-Tech Insight

    The number one reason organizations leave Workday is because of cost. Do not be strong-armed into a contract you do not feel comfortable with. Do your homework, know your leverage points, be fully prepared for cost negotiations, use their competition to your advantage, and get support – such as Info-Tech’s vendor management resources and team.

    Approach contracts and pricing strategically

    Don’t go into contract negotiation blind.

    • Understand the vendor – year-end, market strategy, and competitive position.
    • Take the time to understand the contract. including contract details such as length of the contract, full-service equivalent (FSE, employee count,) innovation fees, modules included, and renewal clauses.
    • Be fully prepared to take a proactive approach to cost negotiations.
      • Use Info-Tech’s vendor management services to support you.
      • Go in prepared.
      • Use your leverage points – FSE count, Module Bundles, CPI & Innovation Fees.
      • Use competition to your advantage.

    Since 2007, Workday has been steadily growing its market share and footprint in human capital management, finance, and student information systems.

    Organizations considering additional modules or undergoing contract renewal need to gain insight into areas of leverage and other relevant vendor information.

    Key issues that occur include pricing transparency and contractual flexibility on terms and conditions. Adequate planning and communication need to be taken into consideration before entering into any agreement.

    3.2.6 Discover Workday cost-saving opportunities

    1-2 hours

    1. Use tab 1.5 Current Costs, as an input for this exercise. Another great resource is Info-Tech’s Workday vendor management resources which you can use to help understand cost-saving strategies.
    2. Use tab 3.2 Optimization Initiatives Costs Evaluation area to list cost savings initiatives and opportunities.

    Record this information in the Get the Most Out of Your Workday Workbook.

    The image shows a box with text in it, titled 3.2.6 Costs Evaluation.

    Download the Get the Most Out of Your Workday Workbook

    Other optimization opportunities

    There are many opportunities to improve your Workday portfolio. Choose the ones that are right for your business.

    • Artificial intelligence (AI) (and management of the AI lifecycle)
    • Machine learning (ML)
    • Augment business interactions
    • Automatically execute sales pipelines
    • Process mining
    • Workday application monitoring
    • Be aware of the Workday product roadmap
    • Implement and take advantage of Workday tools and product offerings

    Phase 4

    Build Your Optimization Roadmap

    Phase 1

    1.1 Identify Stakeholders and Build Your Optimization Team

    1.2 Build an ERP Strategy Model

    1.3 Inventory Current System State

    1.4 Define Optimization Timeframe

    1.5 Understand Workday Costs

    Phase 2

    2.1 Assess Workday Capabilities

    2.2 Review Your Satisfaction With the Vendor/Product and Willingness for Change

    Phase 3

    3.1 Prioritize Optimization Opportunities

    3.2 Discover Optimization Initiatives

    Phase 4

    4.1 Build Your Optimization Roadmap

    This phase will walk you through the following activities:

    • Review the different options to solve the identified pain points
    • Build out a roadmap showing how you will get to those solutions
    • Build a communication plan that includes the stakeholder presentation

    This phase involves the following participants:

    • Primary stakeholders in each value stream supported by the ERP
    • ERP Applications support team

    Get the Most Out of Your Workday

    Step 4.1

    4.1 Build Your Optimization Roadmap

    Activities

    4.1.1 Evaluate Optimization Initiatives

    4.1.2 Prioritize Your Workday Initiatives

    4.1.3 Build a Roadmap

    4.1.4 Build a Visual Roadmap

    Next steps

    Step 4.1

    This step will walk you through the following activities:

    • Review the different options to solve the identified pain points then build out a roadmap of how to get to that solution.

    This step involves the following participants:

    • Primary stakeholders in each value stream supported by the ERP
    • ERP Applications support team

    Outcomes of this step

    • A strategic direction is set
    • An initial roadmap is laid out

    Evaluate your optimization initiatives and determine next steps to build out your optimization roadmap

    The image shows a chart titled Value Drivers, with specific categories and criteria listed along the top as headings. The rows below the headings are blank.

    Activity 4.1.1 Evaluate optimization Initiatives

    1 hour

    1. Evaluate your optimization initiatives from tab 3.2, Optimization Initiatives.
    2. Complete Value Drivers:
    • Relevance to Organizational Goals and Objectives
    • Applications Portfolio Assessment Survey:
      • Impact: Number of Users, Importance to Role
      • Current State: Satisfaction With Features, Usability, and Data Quality.
    • Value Drivers: Increase Revenue, Decrease Costs, Enhanced Services, or Reach Customers.
    • Additional Factors:
      • Current to Future Risk Profile
      • Number of Departments to Benefit
      • Importance to Stakeholder Relations
  • Complete Effort and Cost Estimations:
    • Resources: Do we have resources available and the skillset?
    • Cost
    • Overall Effort Rating
  • Gut Check: “Is it achievable? Have we done it or something similar before? Are we willing to invest in it?“
  • Decision to Proceed
  • Next Steps
  • Record this information in the Get the Most Out of Your Workday Workbook.

    Download the Get the Most Out of Your Workday Workbook

    Activity 4.1.2 Determine your optimization roadmap building blocks

    1 hour

    Optimization initiatives: Determine which if any to proceed with.

    1. Identify initiatives.
    2. For each item on your roadmap assign an owner who will be accountable to the completion of the roadmap item.
    3. Wherever possible, assign a start date, month, or quarter. The more specific you can be the better.
    4. Identify completion dates to create a sense of urgency. If you are struggling with start dates, it can help to start with a finish date and “back in” to a start date based on estimated efforts.
    5. Include periphery tasks such as communication strategy.

    Record this information in the Get the Most Out of Your Workday Workbook.

    Note: Your roadmap should be treated as a living document that is updated and shared with the stakeholders on a regular schedule.

    Download the Get the Most Out of Your Workday Workbook

    Activity 4.1.3 – Build a visual Workday optimization roadmap (optional)

    1 hour

    For some, a visual representation of a roadmap is easier to comprehend.

    Consider taking the roadmap built in 4.1.2 and creating a visual roadmap.

    Record this information in the Get the Most Out of Your Workday Workbook.

    The image shows a chart that tracks Initiative and Owner across multiple years.

    Download the Get the Most Out of Your Workday Workbook

    Summary of Accomplishment

    Get the Most Out of Your Workday

    ERP technology is critical to facilitating an organization’s flow of information across business units. It allows for seamless integration of systems and creates a holistic view of the enterprise to support decision making. ERP implementation should not be a one-and-done exercise. There needs to be ongoing optimization to enable business processes and optimal organizational results.

    Get the Most Out of Your Workday allows organizations to proactively implement continuous assessment and optimization of their enterprise resource planning system, including:

    • Alignment and prioritization of key business and technology drivers.
    • Identification of processes, including classification and gap analysis.
    • Measurement of user satisfaction across key departments.
    • Improved vendor relations.
    • Data quality initiatives.

    This formal Workday optimization initiative will drive business-IT alignment, identify IT automation priorities, and dig deep into continuous process improvement.

    If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

    Contact your account representative for more information.

    workshops@infotech.com

    1-888-670-8889

    Research Contributors

    Ben Dickie

    Research Practice Lead

    Info-Tech Research Group

    Ben Dickie is a Research Practice Lead at Info-Tech Research Group. His areas of expertise include customer experience management, CRM platforms, and digital marketing. He has also led projects pertaining to enterprise collaboration and unified communications.

    Scott Bickley

    Practice Lead and Principal Research

    Director Info-Tech Research Group

    Scott Bickley is a Practice Lead and Principal Research Director at Info-Tech Research Group focused on vendor management and contract review. He also has experience in the areas of IT asset management (ITAM), software asset management (SAM), and technology procurement along with a deep background in operations, engineering, and quality systems management.

    Andy Neil

    Practice Lead, Applications

    Info-Tech Research Group

    Andy is a Senior Research Director, Data Management and BI, at Info-Tech Research Group. He has over 15 years of experience in managing technical teams, information architecture, data modeling, and enterprise data strategy. He is an expert in enterprise data architecture, data integration, data standards, data strategy, big data, and the development of industry standard data models.

    Bibliography

    “9 product prioritization frameworks for product managers.” Roadmunk, n.d. Accessed 15 May 2022.

    Armel, Kate. "New Article: Data-Driven Estimation, Management Lead to High Quality." QSM: Quantitative Software Management, 14 May 2013. Accessed 4 Feb. 2021.

    Collins, George, et al., “Connecting Small Businesses in the US.” Deloitte Commissioned by Google, 2017. Web.

    Epizitone, Ayogeboh, and Oludayo O. Olugbara. "Critical Success Factors for ERP System Implementation to Support Financial Functions." Academy of Accounting and Financial Studies Journal, vol. 23, no. 6, 2019. Accessed 12 Oct. 2021

    Gheorghiu, Gabriel. "The ERP Buyer’s Profile for Growing Companies." Selecthub, 2018. Accessed 21 Feb. 2021.

    Karlsson, Johan. "Product Backlog Grooming Examples and Best Practices." Perforce, 18 May 2018. Accessed 4 Feb. 2021.

    Lauchlan, Stuart. “Workday accelerates into fiscal 2023 with a strong year end as cloud adoption gets a COVID-bounce.” diginomica, 1 March 2022. Web.

    "Maximizing the Emotional Economy: Behavioral Economics." Gallup, n.d. Accessed 21 Feb. 2021.

    Noble, Simon-Peter. “Workday: A High-Quality Business That's Fairly Valued.” Seeking Alpha, 8 Apr. 2019. Web.

    Norelus, Ernese, Sreeni Pamidala, and Oliver Senti. "An Approach to Application Modernization: Discovery and Assessment Phase," Medium, 24 Feb. 2020. Accessed 21 Feb. 2021.

    "Process Frameworks." APQC, n.d. Accessed 21 Feb. 2021.

    Saxena, Deepak, and Joe Mcdonagh. "Evaluating ERP Implementations: The Case for a Lifecycle-based Interpretive Approach." The Electronic Journal of Information Systems Evaluation, vol. 22, no. 1, 2019, pp. 29-37. Accessed 21 Feb. 2021.

    “Workday Enterprise Management Cloud Product Scorecard.” SoftwareReviews, May 2022. Web.

    “Workday Meets Growing Customer Demand with Record Number of Deployments and Industry-Leading Customer Satisfaction Score.” Workday, Inc., 7 June 2021. Web.

    Build Your Enterprise Innovation Program

    • Buy Link or Shortcode: {j2store}104|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $100,000 Average $ Saved
    • member rating average days saved: 10 Average Days Saved
    • Parent Category Name: Innovation
    • Parent Category Link: /innovation
    • You don’t know where to start when it comes to building an innovation program for your organization.
    • You need to create a culture of innovation in your business, department, or team.
    • Past innovation efforts have been met with resistance and cynicism.
    • You don’t know what processes you need to support business-led innovation.

    Our Advice

    Critical Insight

    Innovation is about people, not ideas or processes. Innovation does not require a formal process, a dedicated innovation team, or a large budget; the most important success factor for innovation is culture. Companies that facilitate innovative behaviors like growth mindset, collaboration, and taking smart risks are most likely to see the benefits of innovation.

    Impact and Result

    • Outperform your peers by 30% by adopting an innovative approach to your business.
    • Move quickly to launch your innovation practice and beat the competition.
    • Develop the skills and capabilities you need to sustain innovation over the long term.

    Build Your Enterprise Innovation Program Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Build Your Enterprise Innovation Program Storyboard – A step-by-step process to create the innovation culture, processes, and tools you need for business-led innovation.

    This storyboard includes three phases and nine activities that will help you define your purpose, align your people, and build your practice.

    • Build Your Enterprise Innovation Program – Phases 1-3

    2. Innovation Program Template – An executive communication deck summarizing the outputs from this research.

    Use this template in conjunction with the activities in the main storyboard to create and communicate your innovation program. This template uses sample data from a fictional retailer, Acme Corp, to illustrate an ideal innovation program summary.

    • Innovation Program Template

    3. Job Description – Chief Innovation Officer

    This job description can be used to hire your Chief Innovation Officer. There are many other job descriptions available on the Info-Tech website and referenced within the storyboard.

    • Chief Innovation Officer

    4. Innovation Ideation Session Template – Use this template to facilitate innovation sessions with the business.

    Use this framework to facilitate an ideation session with members of the business. Instructions for how to customize the information and facilitate each section is included within the deck.

    • Innovation Ideation Session Template

    5. Initiative Prioritization Workbook – Use this spreadsheet template to easily and transparently prioritize initiatives for pilot.

    This spreadsheet provides an analytical and transparent method to prioritize initiatives based on weighted criteria relevant to your business.

    • Initiative Prioritization Workbook

    Infographic

    Workshop: Build Your Enterprise Innovation Program

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Your Ambitions

    The Purpose

    Define your innovation ambitions.

    Key Benefits Achieved

    Gain a better understanding of why you are innovating and what your organization will gain from an innovation program.

    Activities

    1.1 Understand your innovation mandate.

    1.2 Define your innovation ambitions.

    1.3 Determine value proposition & metrics.

    Outputs

    Complete the "Our purpose" section of the Innovation Program Template

    Complete "Vision and guiding principles" section

    Complete "Scope and value proposition" section

    Success metrics

    2 Align Your People

    The Purpose

    Build a culture, operating model, and team that support innovation.

    Key Benefits Achieved

    Develop a plan to address culture gaps and identify and implement your operating model.

    Activities

    2.1 Foster a culture of innovation.

    2.2 Define your operating model.

    Outputs

    Complete "Building an innovative culture" section

    Complete "Operating model" section

    3 Develop Your Capabilities

    The Purpose

    Create the capability to facilitate innovation.

    Key Benefits Achieved

    Create a resourcing plan and prioritization templates to make your innovation program successful.

    Activities

    3.1 Build core innovation capabilities.

    3.2 Develop prioritization criteria.

    Outputs

    Team structure and resourcing requirements

    Prioritization spreadsheet template

    4 Build Your Program

    The Purpose

    Finalize your program and complete the final deliverable.

    Key Benefits Achieved

    Walk away with a complete plan for your innovation program.

    Activities

    4.1 Define your methodology to pilot projects.

    4.2 Conduct a program retrospective.

    Outputs

    Complete "Operating model" section in the template

    Notable wins and goals

    Further reading

    Build Your Enterprise Innovation Program

    Transform your business by adopting the culture and practices that drive innovation.

    Analyst Perspective

    Innovation is not about ideas, it's about people.

    Many organizations stumble when implementing innovation programs. Innovation is challenging to get right, and even more challenging to sustain over the long term.

    One of the common stumbling blocks we see comes from organizations focusing more on the ideas and the process than on the culture and the people needed to make innovation a way of life. However, the most successful innovators are the ones which have adopted a culture of innovation and reinforce innovative behaviors across their organization. Organizational cultures which promote growth mindset, trust, collaboration, learning, and a willingness to fail are much more likely to produce successful innovators.

    This research is not just about culture, but culture is the starting point for innovation. My hope is that organizations will go beyond the processes and methodologies laid out here and use this research to dramatically improve their organization's performance.

    Kim Rodriguez

    Kim Osborne Rodriguez
    Research Director, CIO Advisory
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    As a leader in your organization, you need to:

    • Understand your organization's innovation goals.
    • Create an innovation program or structure.
    • Develop a culture of innovation across your team or organization.
    • Demonstrate an ability to innovate and grow the business.

    Common Obstacles

    In the past, you might have experienced one or more of the following:

    • Innovation initiatives lose momentum.
    • Cynicism and distrust hamper innovation.
    • Innovation efforts are unfocused or don't provide the anticipated value.
    • Bureaucracy has created a bottleneck that stifles innovation.

    Info-Tech's Approach

    This blueprint will help you:

    • Understand the different types of innovation.
    • Develop a clear vision, scope, and focus.
    • Create organizational culture and behaviors aligned with your innovation ambitions.
    • Adopt an operational model and methodologies best suited for your culture, goals, and budget.
    • Successfully run a pilot program.

    Info-Tech Insight

    There is no single right way to approach innovation. Begin with an understanding of your innovation ambitions, your existing culture, and the resources available to you, then adopt the innovation operating model that is best suited to your situation.

    Note: This research is written for the individual who is leading the development of the innovation. This role is referred to as the Chief Innovation Officer (CINO) throughout this research but could be the CIO, CTO, IT director, or another business leader.

    Why is innovation so challenging?

    Most organizations want to be innovative, but very few succeed.

    • Bureaucracy slows innovation: Innovation requires speed – it is important to fail fast and early so you can iterate to improve the final solution. Small, agile organizations like startups tend to be more risk tolerant and can move more quickly to iterate on new ideas compared to larger organizations.
    • Change is uncomfortable: Most people are profoundly uncomfortable with failure, risk, and unknowns – three critical components of innovation. Humans are wired to think efficiently rather than innovatively, which leads to confirmation bias and lack of ingenuity.
    • You will likely fail: Innovation initiatives rarely succeed on the first try – Harvard Business Review estimates between 70% and 90% of innovation efforts fail. Organizations which are more tolerant of failure tend to be significantly more innovative than those which are not (Review of Financial Studies, 2014).

    Based on a survey of global innovation trends and practices:

    75%

    Three-quarters of companies say innovation is a top-three priority.
    Source: BCG, 2021

    30%

    But only 30% of executives say their organizations are doing it well.
    Source: BCG, 2019

    The biggest obstacles to innovation are cultural

    The biggest obstacles to innovation in large companies

    Based on a survey of 270 business leaders.
    Source: Harvard Business Review, 2018

    A bar graph from the Harvard Business Review

    The most common challenges business leaders experience relate to people and culture. Success is based on people, not ideas.

    Politics, turf wars, and a lack of alignment: territorial departments, competition for resources, and unclear roles are holding back the innovation efforts of 55% of respondents.

    FIX IT
    Senior leadership needs to be clear on the innovation goals and how business units are expected to contribute to them.

    Cultural issues: many large companies have a culture that rewards operational excellence and disincentivizes risk. A history of failed innovation attempts may result in significant resistance to new change efforts.

    FIX IT
    Cultural change takes time. Ensure you are rewarding collaboration and risk-taking, and hire people with fresh new perspectives.

    Inability to act on signals crucial to the future of the business: only 18% of respondents indicated their organization was unaware of disruptions, but 42% said they struggled with acting on leading indicators of change.

    FIX IT
    Build the ability to quickly run pilots or partner with startups and incubators to test out new ideas without lengthy review and approval processes.
    Source: Harvard Business Review, 2018

    Build Your Enterprise Innovation Program

    Define your purpose, assess your culture, and build a practice that delivers true innovation.

    An image summarizing how to define your purpose, align your people, and Build your Practice.
    1 Source: Boston Consulting Group, 2021
    2 Source: Boston Consulting Group, 2019
    3 Source: Harvard Business Review, 2018

    Use this research to outperform your peers

    A seven-year review showed that the most innovative companies outperformed the market by upwards of 30%.

    A line graph showing the Normalized Market Capitalization for 2020.

    Innovators are defined as companies that were listed on Fast Company World's 50 Most Innovative Companies for 2+ years.

    Innovation is critical to business success.

    A 25-year study by Business Development Canada and Statistics Canada showed that innovation was more important to business success than management, human resources, marketing, or finance.

    Executive brief case study

    INDUSTRY: Healthcare
    SOURCE: Interview

    Culture is critical

    This Info-Tech member is a nonprofit, community-based mental health organization located in the US. It serves about 25,000 patients per year in community, school, and clinic settings.

    This organization takes its innovation culture very seriously and has developed methodologies to assess individual and team innovation readiness as well as innovation types, which it uses to determine everyone's role in the innovation process. These assessments look at knowledge of and trust in the organization, its innovation profile, and its openness to change. Innovation enthusiasts are involved early in the process when it's important to dream big, while more pragmatic perspectives are incorporated later to improve the final solution.

    Results

    The organization has developed many innovative approaches to delivering healthcare. Notably, they have reimagined patient scheduling and reduced wait times to the extent that some patients can be seen the same day. They are also working to improve access to mental health care despite a shortage of professionals.

    Developing an Innovative Culture

    • Innovation Readiness Assessment
    • Coaching Specific to Innovation Profile
    • Innovation Enthusiasts Involved Early
    • Innovation Pragmatists Involved Later
    • High Success Rate of Innovation

    Define innovation roles and responsibilities

    A table showing key innovation roles and responsibilities.

    Info-Tech's methodology for building your enterprise innovation program

    1. Define Your Purpose

    2. Align Your People

    3. Build Your Practice

    Phase Steps

    1. Understand your mandate
    2. Define your innovation ambitions
    3. Determine value proposition and metrics
    1. Foster a culture of innovation
    2. Define your operating model
    3. Build core innovation capabilities
    1. Build your ideation and prioritization methodologies
    2. Define your pilot project methodology
    3. Conduct a program retrospective

    Phase Outcomes

    Understand where the mandate for innovation comes from, and what the drivers are for pursuing innovation. Define what innovation means to your organization, and set the vision, mission, and guiding principles. Articulate the value proposition and key metrics for measuring success.

    Understand what it takes to build an innovative culture, and what types of innovation structure are most suited to your innovation goals. Define an innovation methodology and build your core innovation capabilities and team.

    Gather ideas and understand how to assess and prioritize initiatives based on standardized metrics. Develop criteria for tracking and measuring the success of pilot projects and conduct a program retrospective.

    Innovation program taxonomy

    This research uses the following common terms:

    Innovation Operating Model
    The operating model describes how the innovation program delivers value to the organization, including how the program is structured, the steps from idea generation to enterprise launch, and the methodologies used.
    Examples: Innovation Hub, Grassroots Innovation.

    Innovation Methodology
    Methodologies describe the ways the operating model is carried out, and the approaches used in the innovation practice.
    Examples: Design Thinking, Weighted Criteria Scoring

    Chief Innovation Officer
    This research is written for the person or team leading the innovation program – this might be a CINO, CIO, or other leader in the organization.

    Innovation Team
    The innovation team may vary depending on the operating model, but generally consists of the individuals involved in facilitating innovation across the organization. This may be, but does not have to be, a dedicated innovation department.

    Innovation Program
    The program for generating ideas, running pilot projects, and building a business case to implement across the enterprise.

    Pilot Project
    A way of testing and validating a specific concept in the real world through a minimum viable product or small-scale implementation. The pilot projects are part of the overall pilot program.

    Insight summary

    Innovation is about people, not ideas or processes
    Innovation does not require a formal process, a dedicated innovation team, or a large budget; the most important success factor for innovation is culture. Companies that facilitate innovative behaviors like growth mindset, collaboration, and the ability to take smart risk are most likely to see the benefits of innovation.

    Very few are doing innovation well
    Only 30% of companies consider themselves innovative, and there's a good reason: innovation involves unknowns, risk, and failure – three situations that people and organizations typically do their best to avoid. Counter this by removing the barriers to innovation.

    Culture is the greatest barrier to innovation
    In a survey of 270 business leaders, the top three most common obstacles were politics, turf wars, and alignment; culture issues; and inability to act on signals crucial to the business (Harvard Business Review, 2018). If you don't have a supportive culture, your ability to innovate will be significantly reduced.

    Innovation is a means to an end
    It is not the end itself. Don't get caught up in innovation for the sake of innovation – make sure you are getting the benefits from your investments. Measurable success factors are critical for maintaining the long-term success of your innovation engine.

    Tackle wicked problems
    Innovative approaches are better at solving complex problems than traditional practices. Organizations that prioritize innovation during a crisis tend to outperform their peers by over 30% and improve their market position (McKinsey, 2020).

    Innovate or die
    Innovation is critical to business growth. A 25-year study showed that innovation was more important to business success than management, human resources, marketing, or finance (Statistics Canada, 2006).

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Sample Job Descriptions and Organization Charts

    Determine the skills, knowledge, and structure you need to make innovation happen.

    Sample Job Descriptions and Organization Charts

    Ideation Session Template

    Facilitate an ideation session with your staff to identify areas for innovation.

    Ideation Session Template

    Initiative Prioritization Workbook

    Evaluate ideas to identify those which are most likely to provide value.

    Prioritization Workbook

    Key deliverable:

    Enterprise Innovation Program Summary

    Communicate how you plan to innovate with a report summarizing the outputs from this research.

    Enterprise Innovation Program Summary

    Measure the value of this research

    US businesses spend over half a trillion dollars on innovation annually. What are they getting for it?

    • The top innovators(1) typically spend 5-15% of their budgets on innovation (including R&D).
    • This research helps organizations develop a successful innovation program, which delivers value to the organization in the form of new products, services, and methods.
    • Leverage this research to:
      • Get your innovation program off the ground quickly.
      • Increase internal knowledge and expertise.
      • Generate buy-in and excitement about innovation.
      • Develop the skills and capabilities you need to drive innovation over the long term.
      • Validate your innovation concept.
      • Streamline and integrate innovation across the organization.

    (1) based on BCG's 50 Most Innovative Companies 2022

    30%

    The most innovative companies outperform the market by 30%.
    Source: McKinsey & Company, 2020

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    Guided implementation

    What does a typical guided implementation (GI) on this topic look like?

    Phase 0 Phase 1 Phase 2 Phase 3 Finish

    Call #1: Scope requirements, objectives, and your specific challenges.

    Call #2: Understand your mandate.
    (Activity 1.1)

    Call #3: Innovation vision, guiding principles, value proposition, and scope.
    (Activities 1.2 and 1.3)

    Call #4: Foster a culture of innovation. (Activity 2.1)

    Call #5: Define your methodology. (Activity 2.2)

    Call #6: Build core innovation capabilities. (Activity 2.3)

    Call #7: Build your ideation and pilot programs. (Activities 3.1 and 3.2)

    Call #8: Identify success metrics and notable wins. (Activity 3.3)

    Call #9: Summarize results and plan next steps.

    A GI is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    A typical GI is 8 to 12 calls over the course of three to six months.

    Workshop overview

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Session 1 Session 2 Session 3 Session 4

    Wrap Up

    Activities

    Define Your Ambitions

    Align Your People

    Develop Your Capabilities

    Build Your Program

    Next Steps and
    Wrap Up (offsite)

    1. Understand your innovation mandate (complete activity prior to workshop)
    2. Define your innovation ambitions
    3. Determine value proposition and metrics
    1. Foster a culture of innovation
    2. Define your operating model
    1. Build core innovation capabilities
    2. Develop prioritization criteria
    1. Define your methodology to pilot projects
    2. Conduct a program retrospective
    1. Complete in-progress deliverables from previous four days
    2. Set up review time for workshop deliverables and to discuss next steps

    Deliverables

    1. Our purpose
    2. Message from the CEO
    3. Vision and guiding principles
    4. Scope and value proposition
    5. Success metrics
    1. Building an innovative culture
    2. Operating model
    1. Core capabilities and structure
    2. Idea evaluation prioritization criteria
    1. Program retrospective
    2. Notable wins
    3. Executive summary
    4. Next steps
    1. Completed enterprise innovation program
    2. An engaged and inspired team

    Phase 1: Define Your Purpose

    Develop a better understanding of the drivers for innovation and what success looks like.

    Purpose

    People

    Practice

    1. Understand your mandate
    2. Define your innovation ambitions
    3. Determine value proposition and metrics
    1. Foster a culture of innovation
    2. Define your operating model
    3. Build core innovation capabilities
    1. Build your ideation and prioritization methodologies
    2. Define your pilot project methodology
    3. Conduct a program retrospective

    This phase will walk you through the following activities:

    • Understand your innovation mandate, including its drivers, scope, and focus.
    • Define what innovation means to your organization.
    • Develop an innovation vision and guiding principles.
    • Articulate the value proposition and proposed metrics for evaluating program success.

    This phase involves the following participants:

    • CINO
    • Business executives

    Case study

    INDUSTRY: Transportation
    SOURCE: Interview

    ArcBest
    ArcBest is a multibillion-dollar shipping and logistics company which leverages innovative technologies to provide reliable and integrated services to its customers.

    An Innovative Culture Starts at the Top
    ArcBest's innovative culture has buy-in and support from the highest level of the company. Michael Newcity, ArcBest's CEO, is dedicated to finding better ways of serving their customers and supports innovation across the company by dedicating funding and resources toward piloting and scaling new initiatives.
    Having a clear purpose and mandate for innovation at all levels of the organization has resulted in extensive grassroots innovation and the development of a formalized innovation program.

    Results
    ArcBest has a legacy of innovation, going back to its early days when it developed a business intelligence solution before anything else existed on the market. It continues to innovate today and is now partnering with start-ups to further expand its innovation capabilities.

    "We don't micromanage or process-manage incremental innovation. We hire really smart people who are inspired to create new things and we let them run – let them create – and we celebrate it.
    Our dedication to innovation comes from the top – I am both the President and the Chief Innovation Officer, and innovation is one of my top priorities."

    Michael Newcity

    Michael Newcity
    President and Chief Innovation Officer ArcBest

    1.1 Understand your innovation mandate

    Before you can act, you need to understand the following:

    • Where is the drive for innovation coming from?
      The source of your mandate dictates the scope of your innovation practice – in general, innovating outside the scope of your mandate (i.e. trying to innovate on products when you don't have buy-in from the product team) will not be successful.
    • What is meant by "innovation"?
      There are many different definitions for innovation. Before pursuing innovation at your organization, you need to understand how it is defined. Use the definition in this section as a starting point, and craft your own definition of innovation.
    • What kind of innovation are you targeting?
      Innovation can be internal or external, emergent or deliberate, and incremental or radically transformative. Understanding what kind of innovation you want is the starting point for your innovation practice.

    The source of your mandate dictates the scope of your influence

    You can only influence what you can control.

    Unless your mandate comes from the CEO or Board of Directors, driving enterprise-wide innovation is very difficult. If you do not have buy-in from senior business leaders, use lighthouse projects and a smaller innovation practice to prove the value of innovation before taking on enterprise innovation.

    In order to execute on a mandate to build innovation, you don't just need buy-in. You need support in the form of resources and funding, as well as strong leadership who can influence culture and the authority to change policies and practices that inhibit innovation.

    For more resources on building relationships in your organization, refer to Info-Tech's Become a Transformational CIO blueprint.

    What is "innovation"?

    Innovation is often easier to recognize than define.

    Align on a useful definition of innovation for your organization before you embark on a journey of becoming more innovative.

    Innovation is the practice of developing new methods, products or services which provide value to an organization.

    Practice
    This does not have to be a formal process – innovation is a means to an end, not the end itself.

    New
    What does "new" mean to you?

    • New application of an existing method
    • Developing a completely original product
    • Adopting a service from another industry

    Value
    What does value mean to you? Look to your business strategy to understand what goals the organization is trying to achieve, then determine how "value" will be measured.

    Info-Tech Insight

    Some innovations are incremental, while some are radically transformative. Decide what kind of innovation you want to cultivate before developing your strategy.

    We can categorize innovation in three ways

    Evaluate your goals with respect to innovation: focus, strategy, and potential to transform.

    Focus: Where will you innovate?

    Focus

    Strategy: To what extent will you guide innovation efforts?

    Strategy

    Potential: How radical will your innovations be?

    Potential

    What are your ambitions?

    1. Develop a better understanding of what type of innovation you are trying to achieve by plotting out your goals on the categories on the left.
    2. All categories are independent of one another, so your goals may fall anywhere on the scales for each category.
    3. Understanding your innovation ambitions helps establish the operating model best suited for your innovation practice.
    4. In general, innovation which is more external, deliberate, and radical tends to be more centralized.

    Activity 1.1 Understand your innovation mandate

    1 hour

    1. Schedule a 30-minute discussion with the person (i.e. CEO) or group (i.e. Board of Directors) ultimately requesting the shift toward innovation. If there is no external party, then conduct this assessment yourself.
    2. Facilitate a discussion that addresses the following questions:
    • What is meant by "innovation"?
    • What are they hoping to achieve through innovation?
    • What is the innovation scope? Are any areas off-limits (i.e. org structure, new products, certain markets)?
    • What is the budget (i.e. people, money) they are willing to commit to innovation?
    • What type of innovation are they pursuing?
    1. Record this information and complete the "Our Purpose" section of the Innovation Program Template.

    Download the Innovation Program Template.

    Input

    • Knowledge of the key decision maker/sponsor for innovation

    Output

    • Understanding of the mandate for innovation, including definition, value, scope, budget, and type of innovation

    Materials

    • Innovation Program Template

    Participants

    • CINO
    • CEO, CTO, or Board of Directors (whoever is requesting/sponsoring the pursuit of innovation)

    1.2 Define your innovation ambitions

    Articulate your future state through a vision and guiding principles.

    • Vision and purpose make up the foundation on which all other design aspects will be based. These aspects should not be taken lightly, but rather they should be the force that aligns everyone to work toward a common outcome. It is incumbent on leaders to make them part of the DNA of the organization – to drive organization, structure, culture, and talent strategy.
    • Your vision statement is a future-focused statement that summarizes what you hope to achieve. It should be inspirational, ambitious, and concise.
    • Your guiding principles outline the guardrails for your innovation practice. What will your focus be? How will you approach innovation? What is off-limits?
    • Define the scope and focus for your innovation efforts. This includes what you can innovate on and what is off limits.

    Your vision statement is your North Star

    Articulate an ambitious, inspirational, and concise vision statement for your innovation efforts.

    A strong vision statement:

    • Is future-focused and outlines what you want to become and what you want to achieve.
    • Provides focus and direction.
    • Is ambitious, focused, and concise.
    • Answers: What problems are we solving? Who and what are we changing?

    Examples:

    • "We create radical new technologies to solve some of the world's hardest problems." – Google X, the Moonshot Factory
    • "To be the most innovative enterprise in the world." – 3M
    • "To use our imagination to bring happiness to millions of people." – Disney

    "Good business leaders create a vision, articulate the vision, passionately own the vision, and relentlessly drive it to completion." – Jack Welch, Former Chairman and CEO of GE

    Your guiding principles are the guardrails for creativity

    Strong guiding principles give your team the freedom and direction to innovate.

    Strong guiding principles:

    • Focus on the approach, i.e. how things are done, as opposed to what needs to be done.
    • Are specific to the organization.
    • Inform and direct decision making with actionable statements. Avoid truisms, general statements, and observations.
    • Are long-lasting and based on values, not solutions.
    • Are succinct and easily digestible.
    • Can be measured and verified.
    • Answers: How do we approach innovation? What are our core values

    Craft your guiding principles using these examples

    Encourage experimentation and risk-taking
    Innovation often requires trying new things, even if they might fail. We encourage experimentation and learn from failure, so that new ideas can be tested and refined.

    Foster collaboration and cross-functional teams
    Innovation often comes from the intersection of different perspectives and skill sets.

    Customer-centric
    Focus on creating value for the end user. This means understanding their needs and pain points, and using that knowledge to develop new methods, products, or services.

    Embrace diversity and inclusivity
    Innovation comes from a variety of perspectives, backgrounds, and experiences. We actively seek out and encourage diversity and inclusivity among our team members.

    Foster a culture of learning and continuous improvement
    Innovation requires continuous learning, development, and growth. We facilitate a culture that encourages learning and development, and that seeks feedback and uses it to improve.

    Flexible and adaptable
    We adapt to changes in the market, customer needs, and new technologies, so that it can continue to innovate and create value over time.

    Data-driven
    We use performance metrics and data to guide our innovation efforts.

    Transparency
    We are open and transparent in our processes and let the business needs guide our innovation efforts. We do not lead innovation, we facilitate it.

    Activity 1.2 Craft your vision statement and guiding principles

    1-2 hours

    1. Gather your innovation team and key program sponsors. Review the guidelines for creating vision statements and guiding principles, as well as your mandate and focus for innovation.
    2. As a group, discuss what you hope to achieve through your innovation efforts.
    3. Separately, have each person write down their ideas for a vision statement. Bring the group back together and share ideas. Group the concepts together and construct a single statement which outlines your aspirational vision.
    4. As a group, review the example guiding principles.
    5. Separately, have each person write down three to five guiding principles. Bring the group back together and share ideas. Group similar concepts together and consolidate duplicate ideas. From this list, construct six to eight guiding principles.
    6. Document your vision and guiding principles in the appropriate sections of the Innovation Program Template.

    Input

    • Understanding of your innovation mandate
    • Business vision, mission, and values
    • Sample vision statements and guiding principles

    Output

    • Vision statement
    • Guiding principles

    Materials

    • In person: Whiteboard/flip charts, sticky notes, pens, and notepads
    • Virtual: Consider using a shared document, virtual whiteboard, or online facilitation tool like MURAL
    • Innovation Program Template

    Participants

    • CINO
    • Innovation sponsors
    • Business leaders
    • Innovation team

    1.3 Determine your value proposition and metrics

    Justify the existence of the innovation program with a strong value proposition.

    • The value proposition for developing an innovation program will be different for each organization, depending on what the organization hopes to achieve. Consider your mandate for innovation as well as the type of innovation you are pursuing when crafting the value proposition.
    • Some of the reasons organizations may pursue innovation:
      • Business growth: Respond to market disruption; create new customers; take advantage of opportunities.
      • Branding: Create market differentiation; increase customer satisfaction and retention; adapt to customer needs.
      • Profitability: Improve products, services, or operations to increase competitiveness and profitability; develop more efficient processes.
      • Culture: Foster a culture of creativity and experimentation within the organization, encouraging employees to think outside the box.
      • Positive impact: Address social challenges such as poverty and climate change.

    Develop a strong value proposition for your innovation program

    Demonstrate the value to the business.

    A strong value proposition not only articulates the value that the business will derive from the innovation program but also provides a clear focus, helps to communicate the innovation goals, and ultimately drives the success of the program.

    Focus
    Prioritize and focus innovation efforts to create solutions that provide real value to the organization

    Communicate
    Communicate the mandate and benefits of innovation in a clear and compelling way and inspire people to think differently

    Measure Success
    Measure the success of your program by evaluating outcomes based on the value proposition

    Track appropriate success metrics for your innovation program

    Your success metrics should link back to your organizational goals and your innovation program's value proposition.

    Revenue Growth: Increase in revenue generated by new products or services.

    Market Share: Percentage of total market that the business captures as a result of innovation.

    Customer Satisfaction: Reviews, customer surveys, or willingness to recommend the company.

    Employee Engagement: Engagement surveys, performance, employee retention, or turnover.

    Innovation Output: The number of new products, services, or processes that have been developed.

    Return on Investment: Financial return on the resources invested in the innovation process.

    Social Impact: Number of people positively impacted, net reduction in emissions, etc.

    Time to Launch: The time it takes for a new product or service to go from idea to launch.

    Info-Tech Insight

    The total impact of innovation is often intangible and extremely difficult to capture in performance metrics. Focus on developing a few key metrics rather than trying to capture the full value of innovation.

    How much does innovation cost?

    Company Industry Revenue(2)
    (USD billions)
    R&D Spend
    (USD billions)
    R&D Spend
    (% of revenue)
    Apple Technology $394.30 $26.25 6.70%
    Microsoft Technology $203.10 $25.54 12.50%
    Amazon.com Retail $502.20 $67.71 13.40%
    Alphabet Technology $282.10 $37.94 13.40%
    Tesla Manufacturing $74.90 $3.01 4.00%
    Samsung Technology $244.39 (2021)(3) $19.0 (2021) 7.90%
    Moderna Pharmaceuticals $23.39 $2.73 11.70%
    Huawei Technology $99.9 (2021)4 Not reported -
    Sony Technology $83.80 Not reported -
    IBM Technology $60.50 $1.61 2.70%
    Meta Software $118.10 $32.61 27.60%
    Nike Commercial goods $49.10 Not reported -
    Walmart Retail $600.10 Not reported -
    Dell Technology $105.30 $2.60 2.50%
    Nvidia Technology $28.60 $6.85 23.90%


    The top innovators(1) in the world spend 5% to 15% of their revenue on innovation.

    Innovation requires a dedicated investment of time, money, and resources in order to be successful. The most innovative companies, based on Boston Consulting Group's ranking of the 50 most innovative companies in the world, spend significant portions of their revenue on research and development.

    Note: This data uses research and development as a proxy for innovation spending, which may overestimate the total spend on what this research considers true innovation.

    (1) Based on Boston Consulting Group's ranking of the 50 most innovative companies in the world, 2022
    (2) Macrotrends, based on the 12 months ending Sept 30, 2022
    (3) Statista
    (4) CNBC, 2022

    Activity 1.3 Develop your value proposition and performance metrics

    1 hour

    1. Review your mandate and vision statement. Write down your innovation goals and desired outcomes from pursuing innovation, prioritize the desired outcomes, and select the top five.
    2. For each desired outcome, develop one to two metrics which could be used to track its success. Some outcomes are difficult to track, so get creative when it comes to developing metrics. If you get stuck, think about what would differentiate a great outcome from an unsuccessful one.
    3. Once you have developed a list of three to five key metrics, read over the list and ensure that the metrics you have developed don't negatively influence your innovation. For example, a metric of the number of successful launches may drive people toward launching before a product is ready.
    4. For each metric, develop a goal. For example, you may target 1% revenue growth over the next fiscal year or 20% energy use reduction.
    5. Document your value proposition and key performance metrics in the appropriate sections of the Innovation Program Template.

    Input

    • Understanding of your innovation mandate
    • Vision statement

    Output

    • Value proposition
    • Performance metrics

    Materials

    • Innovation Program Template

    Participants

    • CINO

    Phase 2: Align Your People

    Create a culture that fosters innovative behaviors and puts processes in place to support them.

    Purpose

    People

    Practice

    1. Understand your mandate
    2. Define your innovation ambitions
    3. Determine value proposition and metrics
    1. Foster a culture of innovation
    2. Define your operating model
    3. Build core innovation capabilities
    1. Build your ideation and prioritization methodologies
    2. Define your pilot project methodology
    3. Conduct a program retrospective

    This phase will walk you through the following activities:

    • Understand the key aspects of innovative cultures, and the behaviors associated with innovation.
    • Assess your culture and identify gaps.
    • Define your innovation operating model based on your organizational culture and the focus for innovation.
    • Build your core innovation capabilities, including an innovation core team (if required based on your operating model).

    This phase involves the following participants:

    • CINO
    • Innovation team

    2.1 Foster a culture of innovation

    Culture is the most important driver of innovation – and the most challenging to get right.

    • Fostering a culture of innovation requires a broad approach which considers the perspectives of individuals, teams, leadership, and the overall organization.
    • If you do not have support from leadership, it is very difficult to change organizational culture. It may be more effective to start with an innovation pilot or lighthouse project in order to gain support before addressing your culture.
    • Rather than looking to change outcomes, focus on the behaviors which lead to innovation – such as growth mindset and willingness to fail. If these aren't in place, your ability to innovate will be limited.
    • This section focuses on the specific behaviors associated with increased innovation. For additional resources on implementing these changes, refer to Info-Tech's other research:

    Info-Tech's Fix Your IT Culture can help you promote innovative behaviors

    Refer to Improve IT Team Effectiveness to address team challenges

    Build a culture of innovation

    Focus on behaviors, not outcomes.

    The following behaviors and key indicators either stifle or foster innovation.

    Stifles Innovation Key Indicators Fosters Innovation Key Indicators
    Fixed mindset "It is what it is" Growth mindset "I wonder if there's a better way"
    Performance focused "It's working fine" Learning focused "What can we learn from this?"
    Fear of reprisal "I'll get in trouble" Psychological safety "I can disagree"
    Apathy "We've always done it this way" Curiosity "I wonder what would happen if…"
    Cynicism "It will never work" Trust "You have good judgement"
    Punishing failure "Who did this?" Willingness to fail "It's okay to make mistakes"
    Individualism "How does this benefit me?" Collaboration "How does this benefit us?"
    Homogeneity "We never disagree" Diversity and inclusion "We appreciate different views"
    Excessive bureaucracy "We need approval" Autonomy "I can do this"
    Risk avoidance "We can't try that" Appropriate risk-taking "How can we do this safely?"

    Ensure you are not inadvertently stifling innovation.
    Review the following to ensure that the desired behaviors are promoted:

    • Hiring practices
    • Performance evaluation metrics
    • Rewards and incentives
    • Corporate policies
    • Governance structures
    • Leadership behavior

    Case study

    INDUSTRY: Commercial Real Estate and Retail
    SOURCE: Interview

    How not to approach innovation.

    This anonymous national organization owned commercial properties across the country and had the goal of becoming the most innovative real estate and retail company in the market.

    The organization pursued innovation in the digital solutions space across its commercial and retail properties. Within this space, there were significant differences in risk tolerance across teams, which resulted in the more risk-tolerant teams excluding the risk-averse members from discussions in order to circumvent corporate policies on risk tolerance. This resulted in an adversarial and siloed culture where each group believed they knew better than the other, and the more risk-averse teams felt like they were policing the actions of the risk-tolerant group.

    Results

    Morale plummeted, and many of the organization's top people left. Unfortunately, one of the solutions did not meet regulatory requirements, and the company faced negative media coverage and legal action. There was significant reputational damage as a result.

    Lessons Learned

    Considering differences in risk tolerance and risk appetite is critical when pursuing innovation. While everyone doesn't have to agree, leadership needs to understand the different perspectives and ensure that no one party is dominating the conversation over the others. An understanding of corporate risk tolerance and risk appetite is necessary to drive innovation.

    All perspectives have a place in innovation. More risk tolerant perspectives should be involved early in the ideas-generation phase, and risk-averse perspectives should be considered later when ideas are being refined.

    Speed should not override safety or circumvent corporate policies.

    Understand your risk tolerance and risk appetite

    Evaluate and align the appetite for risk.

    • It is important to understand the organization's risk tolerance as well as the desire for risk. Consider the following risk categories when investigating the organization's views on risk:
      • Financial risk: the potential for financial or property loss.
      • Operational risk: the potential for disruptions to operations.
      • Reputational risk: the potential for negative impact to brand or reputation.
      • Compliance risk: the potential for loss due to non-compliance with laws and regulations.
    • Greater risk tolerance typically enables greater innovation. Understand the varying levels of risk tolerance across your organization, and how these differences might impact innovation efforts.

    An arrow showing the directions of risk tolerance.

    It is more important to match the level of risk tolerance to the degree of innovation required. Not all innovation needs to be (or can feasibly be) disruptive.
    Many factors impact risk tolerance including:

    • Regulation
    • Organization size
    • Country
    • Industry
    • Personal experience
    • Type of risk

    Use Info-Tech's Security Risk Management research to better understand risk tolerance

    Activity 2.1 Assess your innovation culture

    1-3 hours

    1. Review the behaviors which support and stifle innovation and give each behavior a score from 1 (stifling innovation) to 5 (fostering innovation). Any behaviors which fall below a 4 on this scale should be prioritized in your efforts to create an innovative culture.
    2. Review the following policies and practices to determine how they may be contributing to the behaviors you see in your organization:
      1. Hiring practices
      2. Performance evaluation metrics
      3. Rewards, recognition, and incentives
      4. Corporate policies
      5. Governance structures
      6. Leadership behavior
    3. Identify three concrete actions you can take to correct any behaviors which are stifling innovation. Examples might be revising a policy which punishes failure or changing performance incentives to reward appropriate risk taking.
    4. Summarize your findings in the appropriate section of the Innovation Program Template.

    Input

    • Innovation behaviors

    Output

    • Understanding of your organization's culture
    • Concrete actions you can take to promote innovation

    Materials

    • List of innovative behaviors
    • Relevant policies and documents to review
    • Innovation Program Template

    Participants

    • CINO

    2.2 Define your innovation model

    Set up your innovation practice for success using proven models and methodologies.

    • There are many ways to approach innovation, from highly distributed forms where it's just part of everyone's job to very centralized and arm's-length innovation hubs or even outsourced innovation via startups. You can combine different approaches to create your own approach.
    • You may or may not have a formal innovation team, but if you do, their role is to facilitate innovation – not lead it. Innovation is most effective when it is led by the business.
    • There are many tools and methodologies you can use to facilitate innovation. Choose the one (or combination) that best suits your needs.

    Select the right model

    There is no one right way to pursue innovation, but some methods are better than others for specific situations and goals. Consider your existing culture, your innovation goals, and your budget when selecting the right methodology for your innovation.

    Model Description Advantages Disadvantages Good when…
    Grassroots Innovation Innovation is the responsibility of everyone, and there is no centralized innovation team. Ideas are piloted and scaled by the person/team which produces it.
    • Can be used in any organization or team
    • Can support low or high degree of structure
    • Low funding requirement
    • Requires a strong innovation culture
    • Often does not produce results since people don't have time to focus on innovation
    • Innovation culture is strong
    • Funding is limited
    • Goal is internal, incremental innovation
    Community of Practice Innovation is led by a cross-divisional Community of Practice (CoP) which includes representation from across the business. Champions consult with their practice areas and bring ideas forward.
    • Bringing people together can help stimulate and share ideas
    • Low funding requirement
    • Able to support many types of innovation
    • Some people may feel left out if they can't be involved
    • May not produce results if people are too busy to dedicate time to innovate
    • Innovation culture is present
    • Funding is limited
    • Goal is incremental or disruptive innovation
    Innovation Enablement
    *Most often recommended*
    A dedicated innovation team with funding set aside to support pilots with a high degree of autonomy, with the role of facilitating business-led innovation.
    • Most flexible of all options
    • Supports business-led innovation
    • Can deliver results quickly
    • Can enable a higher degree of innovation
    • Requires dedicated staff and funding
    • Innovation culture is present
    • Funding is available
    • Goal is internal or external, incremental or radical innovation
    Center of Excellence Dedicated team responsible for leading innovation on behalf of the organization. Generally, has business relationship managers who gather ideas and liaise with the business.
    • Can deliver results quickly
    • Can offer a fresh perspective
    • Can enable a higher degree of innovation
    • Requires dedicated staff and funding
    • Is typically separate from the business
    • Results may not align with the business needs or have adequate input
    • Innovation culture is weak
    • Funding is significant
    • Goal is external, disruptive innovation
    Innovation Hub An arm's length innovation team is responsible for all or much of the innovation and may not interact much with the core business.
    • Can deliver results quickly
    • Can be extremely innovative
    • Expensive
    • Results may not align with the business needs or have adequate/any input
    • Innovation culture is weak
    • Funding is very significant
    • Goal is external, radical innovation
    Outsourced Innovation Innovation is outsourced to an external organization which is not linked to the primary organization. This can take the form of working with or investing in startups.
    • Can lead to more innovative ideas than internal innovation
    • Investments can become a diverse revenue stream if startups are successful
    • Innovation does not rely on culture
    • Higher risk of failure
    • Less control over goals or focus
    • Results may not align with the business needs or have any input from users
    • Innovation does not rely on culture
    • Funding is significant
    • Goal is external or internal, radical innovation

    Use the right methodologies to support different stages of your innovation process

    A chart showing methodologies to support different stages of the integration process.

    Adapted from Niklaus Gerber via Medium, 2022

    Methodologies are most useful when they are aligned with the goals of the innovation organization.

    For example, design thinking tends to be excellent for earlier innovation planning, while Agile can allow for faster implementation and launch of initiatives later in the process.

    Consider combining two or more methodologies to create a custom approach that best suits your organization's capabilities and goals.

    Sample methodologies

    A robust innovation methodology ensures that the process for developing, prioritizing, selecting, implementing, and measuring initiatives is aligned with the results you are hoping to achieve.

    Different types of problems (drivers for innovation) may necessitate different methodologies, or a combination of methodologies.

    Hackathon: An event which brings people together to solve a well-defined problem.

    Design Thinking: Creative approach that focuses on understanding the needs of users.

    Lean Startup: Emphasizes rapid experimentation in order to validate business hypotheses.

    Design Sprint: Five-day process for answering business questions via design, prototyping, and testing.

    Agile: Iterative design process that emphasizes project management and retrospectives.

    Three Horizons: Framework that looks at opportunities on three different time horizons.

    Innovation Ambition Matrix: Helps organizations categorize projects as part of the core offering, an adjacent offering, or completely new.

    Global Innovation Management: A process of identifying, developing and implementing new ideas, products, services, or processes using alternative thinking.

    Blue Ocean Strategy: A methodology that helps organizations identify untapped market space and create new markets via unique value propositions.

    Activity 2.2 Design your innovation model

    1-2 hours

    1. Think about the following factors which influence the design of your innovation practice:
      1. Existing organizational culture
      2. Available funding to support innovation
      3. Type of innovation you are targeting
    2. Review the innovation approaches, and identify which approach is most suitable for your situation. Note why this approach was selected.
    3. Review the innovation methodologies and research those of interest. Select two to five methodologies to use for your innovation practice.
    4. Document your decisions in the Innovation Program Template.

    Input

    • Understanding of your mandate and existing culture

    Output

    • Innovation approach
    • Selected methodologies

    Materials

    • Innovation Program Template

    Participants

    • CINO
    • Innovation team

    2.3 Build your core innovation capabilities

    Develop the skills, knowledge, and experience to facilitate successful innovation.

    • Depending on the approach you selected in step 2.2, you may or may not require a dedicated innovation team. If you do, use the job descriptions and sample organization charts to build it. If not, focus on developing key capabilities which are needed to facilitate innovation.
    • Diversity is key for successful innovation – ensure your team (formal or otherwise) includes diverse perspectives and backgrounds.
    • Use your guiding principles when hiring and training your team.
    • Focus on three core roles: evangelists, enablers, and experts.

    Focus on three key roles when building your innovation team

    Types of roles will depend on the purpose and size of the innovation team.

    You don't need to grow them all internally. Consider partnering with vendors and other organizations to build capabilities.

    Evangelists

    Visionaries who inspire, support, and facilitate innovation across the business. Their responsibilities are to drive the culture of innovation.

    Key skills and knowledge:

    • Strong communication skills
    • Relationship-building
    • Consensus-building
    • Collaboration
    • Growth mindset

    Sample titles:

    • CINO
    • Chief Transformation Officer
    • Chief Digital Officer
    • Innovation Lead
    • Business Relationship Manager

    Enablers

    Translate ideas into tangible business initiatives, including assisting with business cases and developing performance metrics.

    Key skills and knowledge:

    • Critical thinking skills
    • Business knowledge
    • Facilitation skills
    • Consensus-building
    • Relationship-building

    Sample titles:

    • Product Owner
    • Design Thinking Lead
    • Data Scientist
    • Business Analyst
    • Human Factors Engineer
    • Digital Marketing Specialist

    Experts

    Provide expertise in product design, delivery and management, and responsible for supporting and executing on pilot projects.

    Key skills and knowledge:

    • Project management skills
    • Technical expertise
    • Familiarity with emerging technologies
    • Analytical skills
    • Problem-solving skills

    Sample titles:

    • Product Manager
    • Scrum Master/Agile Coach
    • Product Engineer/DevOps
    • Product Designer
    • Emerging tech experts

    Sample innovation team structure (large enterprise)

    Visualize the whole value delivery process end-to-end to help identify the types of roles, resources, and capabilities required. These capabilities can be sourced internally (i.e. grow and hire internally) or through collaboration with centers of excellence, commercial partners, etc.

    A flow chart of a sample innovation team structure.

    Streamline your process by downloading Info-Tech's job description templates:

    Activity 2.3 Build your innovation team

    2-3 hours

    1. Review your work from the previous activities as well as the organizational structure and the job description templates.
    2. Start a list with two columns: currently have and needed. Start listing some of the key roles and capabilities from earlier in this step, categorizing them appropriately.
    3. If you are using an organizational structure for your innovation process, start to frame out the structure and roles for your team.
    4. Develop a list of roles you need to hire, and the key capabilities you need from candidates. Using the job descriptions, write job postings for each role.
    5. Record your work in the appropriate section of the Innovation Program Template.

    Input

    • Previous work
    • Info-Tech job description templates

    Output

    • List of capabilities required
    • Org chart
    • Job postings for required roles

    Materials

    • Note-taking capability
    • Innovation Program Template

    Participants

    • CINO

    Related Info-Tech Research

    Fix Your IT Culture

    • Promote psychological safety and growth mindset within your organization.
    • Develop the organizational behaviors that lead to innovation.

    Improve IT Team Effectiveness

    • Address behaviors, processes, and cultural factors which impact team effectiveness.
    • Grow the team's ability to address challenges and navigate volatile, uncertain, complex and ambiguous environments.

    Master Organizational Change Management Practices

    • Transformation and change are increasingly becoming the new normal. While this normality may help make people more open to change in general, specific changes still need to be planned, communicated, and managed. Agility and continuous improvement are good but can degenerate into volatility if change isn't managed properly.

    Phase 3: Build Your Practice

    Define your innovation process, streamline pilot projects, and scale for success.

    Purpose

    People

    Practice

    1. Understand your mandate
    2. Define your innovation ambitions
    3. Determine value proposition and metrics
    1. Foster a culture of innovation
    2. Define your operating model
    3. Build core innovation capabilities
    1. Build your ideation and prioritization methodologies
    2. Define your pilot project methodology
    3. Conduct a program retrospective

    This phase will walk you through the following activities:

    • Build the methodologies needed to elicit ideas from the business.
    • Develop criteria to evaluate and prioritize ideas for piloting.
    • Define your pilot program methodologies and processes, including criteria to assess and compare the success of pilot projects.
    • Conduct an end-of-year program retrospective to evaluate the success of your innovation program.

    This phase involves the following participants:

    • CINO
    • Innovation team

    Case study

    INDUSTRY: Government
    SOURCE: Interview

    Confidential US government agency

    The business applications group at this government agency strongly believes that innovation is key to progress and has instituted a formal innovation program as part of their agile operations. The group uses a Scaled Agile Framework (SAFe) with 2-week sprints and a 12-week program cycle.

    To support innovation across the business unit, the last sprint of each cycle is dedicated toward innovation and teams do not commit to any other during these two weeks. At the end of each innovation sprint, ideas are presented to leadership and the valuable ones were either implemented initially or were given time in the next cycle of sprints for further development. This has resulted in a more innovative culture across the practice.

    Results

    There have been several successful innovations since this process began. Notably, the agency had previously purchased a robotic process automation platform which was only being used for a few specific applications. One team used their innovation sprint to expand the use cases for this solution and save nearly 10,000 hours of effort.

    Standard 12-week Program Cycle
    An image of a standard 12-week program

    Design your innovation operating model to maximize value and learning opportunities

    Pilots are an iterative process which brings together innovators and business teams to test and evaluate ideas.

    Your operating model should include several steps including ideation, validation, evaluation and prioritization, piloting, and a retrospective which follows the pilot. Use the example on this slide when designing your own innovation operating model.

    An image of the design process for innovation operation model.

    3.1 Build your ideation and prioritization methodologies

    Engage the business to generate ideas, then prioritize based on value to the business.

    • There are many ways of generating ideas, from informal discussion to formal ideation sessions or submission forms. Whatever you decide to use, make sure that you're getting the right information to evaluate ideas for prioritization.
    • Use quantitative and qualitative metrics to evaluate ideas generated during the ideation process.
      • Quantitative metrics might include potential return on investment (ROI) or effort and resources required to implement.
      • Qualitative metrics might include alignment with the organizational strategy or the level of risk associated with the idea.

    Engage the business to generate ideas

    There are many ways of generating innovative ideas. Pick the methods that best suit your organization and goals.

    Design Thinking
    A structured approach that encourages participants to think creatively about the needs of the end user.

    An image including the following words: Empathize, Define; Ideate; Test.

    Ideation Workshop
    A formal session that is used to understand a problem then generate potential solutions. Workshops can incorporate the other methodologies (such as brainstorming, design thinking, or mind mapping) to generate ideas.

    • Define the problem
    • Generate ideas
    • Capture ideas
    • Evaluate and prioritize
    • Assign next steps

    Crowdsourcing
    An informal method of gathering ideas from a large group of people. This can be a great way to generate many ideas but may lack focus.

    Value Proposition Canvas
    A visual tool which helps to identify customer (or user) needs and design products and services that meet those needs.

    an image of the Value Proposition Canvas

    Evaluate ideas and focus on those with the greatest value

    Evaluation should be transparent and use both quantitative and qualitative metrics. The exact metrics used will depend on your organization and goals.

    It is important to include qualitative metrics as these dimensions are better suited to evaluating highly innovative ideas and can capture important criteria like alignment with overall strategy and feasibility.

    Develop 5 to 10 criteria that you can use to evaluate and prioritize ideas. Some criteria may be a pass/fail (for example, minimum ROI) and some may be comparative.

    Evaluate
    The first step is to evaluate ideas to determine if they meet the minimum criteria. This might include quantitative criteria like ROI as well as qualitative criteria like strategic alignment and feasibility.

    Prioritize
    Ideas that pass the initial evaluation should be prioritized based on additional criteria which might include quantitative criteria such as potential market size and cost to implement, and qualitative criteria such as risk, impact, and creativity.

    Quantitative Metrics

    Quantitative metrics are objective and easily comparable between initiatives, providing a transparent and data-driven process for evaluation and prioritization.
    Examples:

    • Potential market size
    • ROI
    • Net present value
    • Payback period
    • Number of users impacted
    • Customer acquisition cost
    • Customer lifetime value
    • Breakeven analysis
    • Effort required to implement
    • Cost to implement

    Qualitative Metrics

    Qualitative metrics are less easily comparable but are equally important when it comes to evaluating ideas. These should be developed based on your organization strategy and innovation goals.
    Examples:

    • Strategy alignment
    • Impact on users
    • Uncertainty and risk
    • Innovation potential
    • Culture impact
    • Feasibility
    • Creativity and originality
    • Type of innovation

    Activity 3.1 Develop prioritization metrics

    1-3 hours

    1. Review your mandate, purpose, innovation goals and the sample prioritization and evaluation metrics.
    2. Write down a list of your goals and their associated metrics, then prioritize which are the most important.
    3. Determine which metrics will be used to evaluate ideas before they move on to the prioritization stage, and which metrics will be used to compare initiatives in order to determine which will receive further investment.
    4. For each evaluation metric, determine the minimum threshold required for an idea to move forward. For each prioritization metric identify the definition and how it will be evaluated. Qualitative metrics may require more precise definitions than quantitative metrics.
    5. Enter your metrics into the Initiative Prioritization Template.

    Input

    • Innovation mandate
    • Innovation goals
    • Sample metrics

    Output

    • Evaluation and prioritization metrics for ideas

    Materials

    • Whiteboard/Flip charts
    • Innovation Program Template

    Participants

    • Innovation leader

    Download the Initiative Prioritization Template

    3.2 Build your program to pilot initiatives

    Test and refine ideas through real-world pilot projects.

    • The purpose of your pilot is to test and refine ideas in the real world. In order to compare pilot projects, it's important to track key performance indicators throughout the pilot. Measurements should be useful and comparable.
    • Innovation facilitators are responsible for supporting pilot projects, including designing the pilot, setting up metrics, tracking outcomes, and facilitating retrospectives.
    • Pilots generally follow an Agile methodology where ideas may be refined as the pilot proceeds, and the process iterates until either the idea is discarded or it has been refined into an initiative which can be scaled.
    • Expect that most pilots will fail the first time, and many will fail completely. This is not a loss; lessons learned from the retrospective can be used to improve the process and later pilots.

    Use pilot projects to test and refine initiatives before scaling to the rest of the organization

    "Learning is as powerful as the outcome." – Brett Trelfa, CIO, Arkansas Blue Cross

    1. Clearly define the goals and objectives of the pilot project. Goals and objectives ensure that the pilot stays on track and can be measured.
    2. Your pilot group should include a variety of participants with diverse perspectives and skill sets, in order to gather unique insights.
    3. Continuously track the progress of the pilot project. Regularly identify areas of improvement and implement changes as necessary to refine ideas.
    4. Regularly elicit feedback from participants and iterate in order to improve the final innovation. Not all pilots will be successful, but every failure can help refine future solutions.
    5. Consider scalability. If the pilot project is successful, it should be scalable and the lessons learned should be implemented in the larger organization.

    Sample pilot metrics

    Metrics are used to validate and test pilot projects to ensure they deliver value. This is an important step before scaling to the rest of the organization.

    Adoption: How many end users have adopted the pilot solution?

    Utilization: Is the solution getting utilized?

    Support Requests: How many support requests have there been since the pilot was initiated?

    Value: Is the pilot delivering on the value that it proposed? For example, time savings.

    Feasibility: Has the feasibility of the solution changed since it was first proposed?

    Satisfaction: Focus groups or surveys can provide feedback on user/customer satisfaction.

    A/B Testing: Compare different methods, products or services.

    Info-Tech Insight

    Ensure standard core metrics are used across all pilot projects so that outcomes can be compared. Additional metrics may be used to refine and test hypotheses through the pilot process.

    Activity 3.2 Build your program to pilot initiatives

    1-2 hours

    1. Gather the innovation team and review your mandate, purpose, goals, and the sample innovation operating model and metrics.
    2. As a group, brainstorm the steps needed from idea generation to business case. Use sticky notes if in person, or a collaboration tool if remote.
    3. Determine the metrics that will be used to evaluate ideas at each decision step (for example, prior to piloting). Outline what the different decisions might be (for example, proceed, refine or discard) and what happens as a result of each decision.
    4. Document your final steps and metrics in the Innovation Program Template.

    Input

    • Innovation mandate
    • Innovation goals
    • Sample metrics

    Output

    • Pilot project methodology
    • Pilot project metrics

    Materials

    • Innovation Program Template
    • Sticky notes (in person) or digital collaboration tool (if remote)

    Participants

    • Innovation leader
    • Innovation team

    3.3 Conduct a program retrospective

    Generate value from your successful pilots by scaling ideas across the organization.

    • The final step in the innovation process is to scale ideas to the enterprise in order to realize the full potential.
    • Keeping track of notable wins is important for showing the value of the innovation program. Track performance of initiatives that come out of the innovation program, including their financial, cultural, market, and brand impacts.
    • Track the success of the innovation program itself by evaluating the number of ideas generated, the number of pilots run and the success of the pilots. Keep in mind that many failed pilots is not a failure of the program if the lessons learned were valuable.
    • Complete an innovation program retrospective every 6 to 12 months in order to adjust and make any changes if necessary to improve your process.

    Retrospectives should be objective, constructive, and action-oriented

    A retrospective is a review of your innovation program with the aim of identifying lessons learned, areas for improvement, and opportunities for growth.

    During a retrospective, the team will reflect on past experiences and use that information to inform future decision making and improve outcomes.

    The goal of a retrospective is to learn from the past and use that knowledge to improve in the future.

    Objective

    Ensure that the retrospective is based on facts and objective data, rather than personal opinions or biases.

    Constructive

    Ensure that the retrospective is a positive and constructive experience, with a focus on finding solutions rather than dwelling on problems.

    Action-Oriented

    The retrospective should result in a clear action plan with specific steps to improve future initiatives.

    Activity 3.3 Conduct a program retrospective

    1-2 hours

    1. Post a large piece of paper on the wall with a timeline from the last year. Include dates and a few key events, but not much more. Have participants place sticky notes in the spots to describe notable wins or milestones that they were proud of. This can be done as part of a formal meeting or asynchronously outside of meetings.
    2. Bring the innovation team together and review the poster with notable wins. Do any themes emerge? How does the team feel the program is doing? Are there any changes needed?
    3. Consider the metrics you use to track your innovation program success. Did the scaled projects meet their targets? Is there anything that could be refined about the innovation process?
    4. Evaluate the outcomes of your innovation program. Did it meet the targets set for it? Did the goals and innovation ambitions come to fruition?
    5. Complete this step every 6 to 12 months to assess the success of your program.
    6. Complete the "Notable Wins" section of the Innovation Program Template.

    Input

    • Innovation mandate
    • Innovation goals
    • Sample metrics

    Output

    • Notable wins
    • Action items for refining the innovation process

    Materials

    • Innovation Program Template
    • Sticky notes (in person) or digital collaboration tool (if remote)

    Participants

    • CIO
    • Innovation team
    • Others who have participated in the innovation process

    Related Info-Tech Research

    Adopt Design Thinking in Your Organization

    • A user's perspective while interacting with the products and services is very different from the organization's internal perspective while implementing and provisioning those. A design-based organization balances the two perspectives to drive user-satisfaction over end-to-end journeys.

    Prototype With an Innovation Design Sprint

    • Build and test a prototype in four days using Info-Tech's Innovation Design Sprint Methodology.
    • Create an environment for co-creation between IT and the business.

    Fund Innovation With a Minimum Viable Business Case

    • Our approach guides you through effectively designing a solution, de-risking a project through impact reduction techniques, building and pitching the case for your project, and applying the business case as a mechanism to ensure that benefits are realized.

    Summary of Accomplishment

    Congratulations on launching your innovation program!

    You have now completed your innovation strategy, covering the following topics:

    • Executive Summary
    • Our Purpose
    • Scope and Value Proposition
    • Guiding Principles
    • Building an Innovative Culture
    • Program Structure
    • Success Metrics
    • Notable Wins

    If you would like additional support, have our analysts guide you through an Info-Tech workshop or Guided Implementation.

    Contact your account representative for more information.
    workshops@infotech.com 1-888-670-8889

    Related Info-Tech Research

    Accelerate Digital Transformation With a Digital Factory

    • Understand the foundations of good design: purpose, organizational support, and leadership.
    • Understand the design of the operating model: structure and organization, management practices, culture, environment, teams, technology platforms, and meaningful metrics and KPIs.

    Sustain and Grow the Maturity of Innovation in Your Enterprise

    • Unlock your innovation potential by looking at your innovation projects on both a macro and micro level.
    • Innovation capacity is directly linked with creativity; allow your employees' creativity to flourish using Info-Tech's positive innovation techniques.

    Define Your Digital Business Strategy

    • Design a strategy that applies innovation to your business model, streamline and transform processes, and make use of technologies to enhance interactions with customers and employees.
    • Create a balanced roadmap that improves digital maturity and prepares you for long-term success in a digital economy.

    Research Contributors and Experts

    Kim Osborne Rodriguez

    Kim Osborne Rodriguez
    Research Director, CIO Advisory
    Info-Tech Research Group

    Kim is a professional engineer and Registered Communications Distribution Designer with over a decade of experience in management and engineering consulting spanning healthcare, higher education, and commercial sectors. She has worked on some of the largest hospital construction projects in Canada, from early visioning and IT strategy through to design, specifications, and construction administration. She brings a practical and evidence-based approach, with a track record of supporting successful projects.
    Kim holds a Bachelor's degree in Mechatronics Engineering from University of Waterloo.

    Joanne Lee

    Joanne Lee
    Principal Research Director, CIO Advisory
    Info-Tech Research Group

    Joanne is an executive with over 25 years of experience in digital technology and management consulting across both public and private entities from solution delivery to organizational redesign across Canada and globally.
    Prior to joining Info-Tech Research Group, Joanne was a management consultant within KPMG's CIO management consulting services and the Western Canadas Digital Health Practice lead. She has held several executive roles in the industry with the most recent position as Chief Program Officer for a large $450M EHR implementation. Her expertise spans cloud strategy, organizational design, data and analytics, governance, process redesign, transformation, and PPM. She is passionate about connecting people, concepts, and capital.
    Joanne holds a Master's in Business and Health Policy from the University of Toronto and a Bachelor of Science (Nursing) from the University of British Columbia.

    Jack Hakimian

    Jack Hakimian
    Senior Vice President
    Info-Tech Research Group

    Jack has more than 25 years of technology and management consulting experience. He has served multi-billion-dollar organizations in multiple industries including Financial Services and Telecommunications. Jack also served a number of large public sector institutions.
    He is a frequent speaker and panelist at technology and innovation conferences and events and holds a Master's degree in Computer Engineering as well as an MBA from the ESCP-EAP European School of Management.

    Michael Tweedie

    Michael Tweedie
    Practice Lead, CIO Strategy
    Info-Tech Research Group

    Mike Tweedie brings over 25 years as a technology executive. He's led several large transformation projects across core infrastructure, application, and IT services as the head of Technology at ADP Canada. He was also the Head of Engineering and Service Offerings for a large French IT services firm, focused on cloud adoption and complex ERP deployment and management.
    Mike holds a Bachelor's degree in Architecture from Ryerson University.

    Mike Schembri

    Mike Schembri
    Senior Executive Advisor
    Info-Tech Research Group

    Mike is the former CIO of Fuji Xerox Australia and has 20+ years' experience serving IT and wider business leadership roles. Mike has led technical and broader business service operations teams to value and growth successfully in organizations ranging from small tech startups through global IT vendors, professional service firms, and manufacturers.
    Mike has passion for strategy and leadership and loves working with individuals/teams and seeing them grow.

    John Leidl

    John Leidl
    Senior Director, Member Services
    Info-Tech Research Group

    With over 35 years of IT experience, including senior-level VP Technology and CTO leadership positions, John has a breadth of knowledge in technology innovation, business alignment, IT operations, and business transformation. John's experience extends from start-ups to corporate enterprise and spans higher education, financial services, digital marketing, and arts/entertainment.

    Joe Riley

    Joe Riley
    Senior Workshop Director
    Info-Tech Research Group

    Joe ensures our members get the most value out of their Info-Tech memberships by scoping client needs, current state and desired business outcomes, and then drawing upon his extensive experience, certifications, and degrees (MBA, MS Ops/Org Mgt, BS Eng/Sci, ITIL, PMP, Security+, etc.) to facilitate our client's achievement of desired and aspirational business outcomes. A true advocate of ITSM, Joe approaches technology and technology practices as a tool and enabler of people, core business, and competitive advantage activities.

    Denis Goulet

    Denis Goulet
    Senior Workshop Director
    Info-Tech Research Group

    Denis is a transformational leader and experienced strategist who has worked with 100+ organizations to develop their digital, technology, and governance strategies.
    He has held positions as CIO, Chief Administrative Office (City Manager), General Manager, Vice President of Engineering, and Management Consultant, specializing in enterprise and technology strategy.

    Cole Cioran

    Cole Cioran
    Managing Partner
    Info-Tech Research Group

    I knew I wanted to build great applications that would delight their users. I did that over and over. Along the way I also discovered that it takes great teams to deliver great applications. Technology only solves problems when people, processes, and organizations change as well. This helped me go from writing software to advising some of the largest organizations in the world on how to how to build a digital delivery umbrella of Product, Agile, and DevOps and create exceptional products and services powered by technology.

    Carlene McCubbin

    Carlene McCubbin
    Research Lead, CIO Practice
    Info-Tech Research Group

    During her tenure at Info-Tech, Carlene has led the development of Info-Tech's Organization and Leadership practice and worked with multiple clients to leverage the methodologies by creating custom programs to fit each organization's needs.
    Before joining Info-Tech, Carlene received her Master of Communications Management from McGill University, where she studied development of internal and external communications, government relations, and change management.

    Isabelle Hertanto

    Isabelle Hertanto
    Principal Research Director
    Info-Tech Research Group

    Isabelle Hertanto has over 15 years of experience delivering specialized IT services to the security and intelligence community. As a former federal officer for Public Safety Canada, Isabelle trained and led teams on data exploitation and digital surveillance operations in support of Canadian national security investigations. Since transitioning into the private sector, Isabelle has held senior management and consulting roles across a variety of industry sectors, including retail, construction, energy, healthcare, and the broader Canadian public sector.

    Hans Eckman

    Hans Eckman
    Principal Research Director
    Info-Tech Research Group

    Hans Eckman is a business transformation leader helping organizations connect business strategy and innovation to operational excellence. He supports Info-Tech members in SDLC optimization, Agile and DevOps implementation, CoE/CoP creation, innovation program development, application delivery, and leadership development. Hans is based out of Atlanta, Georgia.

    Valence Howden

    Valence Howden
    Principal Research Director
    Info-Tech Research Group

    With 30 years of IT experience in the public and private sector, Valence has developed experience in many Information Management and Technology domains, with a particular focus in the areas of Service Management, Enterprise and IT Governance, Development and Execution of Strategy, Risk Management, Metrics Design and Process Design, and Implementation and Improvement. Prior to joining Info-Tech, he served in technical and client-facing roles at Bell Canada and CGI Group Inc., as well as managing the design, integration, and implementation of services and processes in the Ontario Public Sector.

    Clayton Gillett

    Clayton Gillett
    Managing Partner
    Info-Tech Research Group

    Clayton Gillett is a Managing Partner for Info-Tech, providing technology management advisory services to healthcare clients. Clayton joined Info-Tech with more than 28 years of experience in health care information technology. He has held senior IT leadership roles at Group Health Cooperative of Puget Sound and OCHIN, as well as advisory or consulting roles at ECG Management Consultants and Gartner.

    Donna Bales

    Donna Bales
    Principal Research Director
    Info-Tech Research Group

    Donna Bales is a Principal Research Director in the CIO Practice at Info-Tech Research Group specializing in research and advisory services in IT risk, governance, and compliance. She brings over 25 years of experience in strategic consulting and product development and has a history of success in leading complex, multi-stakeholder industry initiatives.

    Igor Ikonnikov

    Igor Ikonnikov
    Research Director
    Info-Tech Research Group

    Igor Ikonnikov is a Research and Advisory Director in the Data and Analytics practice. Igor has extensive experience in strategy formation and execution in the information management domain, including master data management, data governance, knowledge management, enterprise content management, big data, and analytics.
    Igor has an MBA from the Ted Rogers School of Management (Toronto, Canada) with a specialization in Management of Technology and Innovation.

    Research Contributors and Experts

    Michael Newcity

    Michael Newcity
    Chief Innovation Officer
    ArcBest

    Kevin Yoder

    Kevin Yoder
    Vice President, Innovation
    ArcBest

    Gary Boyd

    Gary Boyd
    Vice President, Information Systems & Digital Transformation
    Arkansas Blue Cross and Blue Shield

    Brett Trelfa

    Brett Trelfa
    Chief Information Officer
    Arkansas Blue Cross and Blue Shield

    Kristen Wilson-Jones

    Kristen Wilson-Jones
    Chief Technology & Product Officer
    Medcurio

    Note: additional contributors did not wish to be identified

    Bibliography

    Altringer, Beth. "A New Model for Innovation in Big Companies" Harvard Business Review. 19 Nov. 2013. Accessed 30 Jan. 2023. https://hbr.org/2013/11/a-new-model-for-innovation-in-big-companies
    Arpajian, Scott. "Five Reasons Why Innovation Fails" Forbes Magazine. 4 June 2019. Accessed 31 Jan. 2023. https://www.forbes.com/sites/forbestechcouncil/2019/06/04/five-reasons-why-innovation-fails/?sh=234e618914c6
    Baldwin, John & Gellatly, Guy. "Innovation Capabilities: The Knowledge Capital Behind the Survival and Growth of Firms" Statistics Canada. Sept. 2006. Accessed 30 Jan. 2023. https://www.bdc.ca/fr/documents/other/innovation_capabilities_en.pdf
    Bar Am, Jordan et al. "Innovation in a Crisis: Why it is More Critical Than Ever" McKinsey & Company, 17 June 2020. Accessed 12 Jan. 2023. <https://www.mckinsey.com/capabilities/strategy-and-corporate-finance/our-insights/innovation-in-a-crisis-why-it-is-more-critical-than-ever >
    Boston Consulting Group, "Most Innovative Companies 2021" BCG, April 2021. Accessed 30 Jan. 2023. https://web-assets.bcg.com/d5/ef/ea7099b64b89860fd1aa3ec4ff34/bcg-most-innovative-companies-2021-apr-2021-r.pdf
    Boston Consulting Group, "Most Innovative Companies 2022" BGC, 15 Sept. 2022. Accessed 6 Feb. 2023. https://www.bcg.com/en-ca/publications/2022/innovation-in-climate-and-sustainability-will-lead-to-green-growth
    Christensen, Clayton M. The Innovator's Dilemma: When New Technologies Cause Great Firms to Fail. Harvard Business Review Press, 2016.
    Gerber, Niklaus. "What is innovation? A beginner's guide into different models, terminologies and methodologies" Medium. 20 Sept 2022. Accessed 7 Feb. 2023. https://world.hey.com/niklaus/what-is-innovation-a-beginner-s-guide-into-different-models-terminologies-and-methodologies-dd4a3147
    Google X, Homepage. Accessed 6 Feb. 2023. https://x.company/
    Harnoss, Johann D. & Baeza, Ramón. "Overcoming the Four Big Barriers to Innovation Success" Boston Consulting Group, 24 Sept. 2019. Accessed 30 Jan 2023. https://www.bcg.com/en-ca/publications/2019/overcoming-four-big-barriers-to-innovation-success
    Jaruzelski, Barry et al. "Global Innovation 1000 Study" Pricewaterhouse Cooper, 30 Oct. 2018. Accessed 13 Jan. 2023. <https://www.strategyand.pwc.com/gx/en/insights/innovation1000.html>
    Kharpal, Arjun. "Huawei posts first-ever yearly revenue decline as U.S. sanctions continue to bite, but profit surges" CNBC. 28 March 2022. Accessed 7 Feb. 2023. https://www.cnbc.com/2022/03/28/huawei-annual-results-2021-revenue-declines-but-profit-surges.html
    Kirsner, Scott. "The Biggest Obstacles to Innovation in Large Companies" Harvard Business Review, 30 July 2018. Accessed 12 Jan. 2023. <https://hbr.org/2018/07/the-biggest-obstacles-to-innovation-in-large-companies>
    Macrotrends. "Apple Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/AAPL/apple/revenue
    Macrotrends. "Microsoft Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/MSFT/microsoft/revenue
    Macrotrends. "Amazon Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/AMZN/amazon/revenue
    Macrotrends. "Alphabet Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/GOOG/alphabet/revenue
    Macrotrends. "Tesla Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/TSLA/tesla/revenue
    Macrotrends. "Moderna Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/MRNA/moderna/revenue
    Macrotrends. "Sony Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/SONY/sony/revenue
    Macrotrends. "IBM Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/IBM/ibm/revenue
    Macrotrends. "Meta Platforms Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/META/meta-platforms/revenue
    Macrotrends. "NIKE Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/NKE/nike/revenue
    Macrotrends. "Walmart Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/WMT/walmart/revenue
    Macrotrends. "Dell Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/DELL/dell/revenue
    Macrotrends. "NVIDIA Revenue 2010-2022" Macrotrends. Accessed 23 Jan. 2023. https://www.macrotrends.net/stocks/charts/NVDA/nvidia/revenue
    Sloan, Paul. "How to Develop a Vision for Innovation" Innovation Management, 10 Aug. 2009. Accessed 7 Feb. 2023. https://innovationmanagement.se/2009/08/10/how-to-develop-a-vision-for-innovation/
    Statista. "Samsung Electronics' global revenue from 2005 to 2021" Statista. Accessed 7 Feb. 2023. https://www.statista.com/statistics/236607/global-revenue-of-samsung-electronics-since-2005/
    Tichy, Noel & Ram Charan. "Speed, Simplicity, Self-Confidence: An Interview with Jack Welch" Harvard Business Review, 2 March 2020. Accessed 7 Feb. 2023. https://hbr.org/1989/09/speed-simplicity-self-confidence-an-interview-with-jack-welch
    Weick, Karl and Kathleen Sutcliffe. Managing the Unexpected: Sustained Performance in a Complex World, Third Edition. John Wiley & Sons, 2015.
    Xuan Tian, Tracy Yue Wang, Tolerance for Failure and Corporate Innovation, The Review of Financial Studies, Volume 27, Issue 1, 2014, Pages 211–255, Accessed https://doi.org/10.1093/rfs/hhr130

    Optimize Social Media Strategy by Service

    • Buy Link or Shortcode: {j2store}562|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $12,599 Average $ Saved
    • member rating average days saved: 5 Average Days Saved
    • Parent Category Name: Marketing Solutions
    • Parent Category Link: /marketing-solutions
    • Many organizations are jumping the gun on service selection and missing valuable opportunities to tap into conversations their consumers are having about them.
    • Companies are struggling to harness real benefits from social media because they dive into content and engagement strategy without spending the appropriate amount of time on social media service selection.
    • After organizations have selected the appropriate social media services, clients fail to understand best practices for participating in conversations and therefore are unable to optimize their success on each service.

    Our Advice

    Critical Insight

    • Conventional wisdom dictates that you should pick the social network where you have the greatest subscriber base to reach, but this is irrelevant. Organizations need to consider all the social media services available when selecting services, to ensure they are optimizing their social media strategy and interacting with the right people.
    • In today’s social media landscape there is a wide variety of social media services to choose from. Services range from hot micro-blogging services, like Twitter, to more niche social multimedia services, like Flickr or Vimeo.
    • Each department should manage its set of relevant services regardless of platform. For example a marketing manager should manage all social media services in marketing, rather than have one person manage all Twitter feeds, one person manage all Facebook pages, etc.
    • The services your organization selects shouldn’t operate as islands. Consider not only how the services will fit with each other, but also how they will fit with existing channels. Use a market coverage model to ensure the services you select are complementing each other.
    • The landscape for social media services changes rapidly. It is essential to conduct an audit of services to maintain an optimal mix of services. Conduct the audit semi-annually for best effect.

    Impact and Result

    • Learn about the importance of choosing the correct services to ensure you are reaching your consumers and not wasting time playing with the wrong people.
    • Understand the business use cases for each service and best practices for using them.
    • Leverage different social media services to create a market coverage model that balances social media services with your products/services and business objectives.
    • Identify the risks associated with specific platforms and ensure IT works to mitigate them.
    • Create a plan for conducting a Social Media Service Audit to stay on top of changing trends.

    Optimize Social Media Strategy by Service Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Create the right social media service mix

    Understand the different social media services, their unique value propositions for customer interaction, and the content and timing best practices for each.

    • Storyboard: Optimize Social Media Strategy by Service
    • Social Media Service Selection Tool

    2. Execute a plan for social service selection and management

    Leverage different social media services to create a market coverage model and assign responsibilities.

    3. Perform a semi-annual social media service audit

    Conduct an audit to stay on top of changing trends.

    • Social Media Services Audit Template
    [infographic]

    How to build a Service Desk Chatbot POC

    • Buy Link or Shortcode: {j2store}16|cart{/j2store}
    • Related Products: {j2store}16|crosssells{/j2store}
    • member rating overall impact (scale of 10): 9.7/10
    • member rating average dollars saved: 11,197
    • member rating average days saved: 8
    • Parent Category Name: Service Desk
    • Parent Category Link: /service-desk

    The challenge

    Build a chatbot that creates value for your business

     

    • Ensure your chatbot meets your business needs.
    • Bring scalability to your customer service delivery in a cost-effective manner.
    • Measure your chatbot objectives with clear metrics.
    • Pre-determine your ticket categories to use during the proof of concept.

    Our advice

    Insight

    • Build your chatbot to create business value. Whether increasing service or resource efficiency, keep value creation in mind when making decisions with your proof of concept.

    Impact and results 

    • When implemented effectively, chatbots can help save costs, generate new revenue, and ultimately increase customer satisfaction for external and internal-facing customers.

    The roadmap

    Read our concise Executive Brief to find out why you building a chatbot proof of concept is a good idea, review our methodology, and understand the four ways we can support you to successfully complete this project. Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    Start here

    Form your chatbot strategy.

    Build the right metrics to measure the success of your chatbot POC

    • Chatbot ROI Calculator (xls)
    • Chatbot POC Metrics Tool (xls)

    Build the foundation for your chatbot.

    Architect the chatbot to maximize business value

    • Chatbot Conversation Tree Library

    Continue to improve your chatbot.

    Now take your chatbot proof of concept to production

    • Chatbot POC RACI (doc)
    • Chatbot POC Implementation Roadmap (xls)
    • Chatbot POC Communication Plan (doc)Chatbot ROI Calculator (xls)

    Maximize Value From Your Value-Added Reseller (VAR)

    • Buy Link or Shortcode: {j2store}215|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management

    Organizations need to understand their value-added reseller (VAR) portfolio and the greater VAR landscape to better:

    • Manage the VAR portfolio.
    • Understand additional value each VAR can provide.
    • Maximize existing VAR commitments.
    • Evaluate the VARs’ performance.

    Our Advice

    Critical Insight

    VARs typically charge more for products because they are in some way adding value. If you’re not leveraging any of the provided value, you’re likely wasting money and should use a basic commodity-type reseller for procurement.

    Impact and Result

    This project will provide several benefits to Vendor Management and Procurement:

    • Defined VAR value and performance tracking.
    • Manageable portfolio of VARs that fully benefit the organization.
    • Added training, licensing advice, faster quoting, and invoicing resolution.
    • Reduced deployment and logistics costs.

    Maximize Value From Your Value-Added Reseller (VAR) Research & Tools

    Start here – read the Executive Brief

    Read our informative Executive Brief to find out why you should maximize value from your value-added reseller, review Info-Tech’s methodology, and understand the three ways to better manage your VARs improve performance and reduce costs.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Organize and prioritize

    Organize all your VARs and create a manageable portfolio detailing their value, specific, product, services, and certifications.

    • Maximize Value From Your Value-Added Reseller – Phase 1: Organize and Prioritize
    • VAR Listing and Prioritization Tool

    2. “EvaluRate” your VARs

    Create an in-depth evaluation of the VARs’ capabilities.

    • Maximize Value From Your Value-Added Reseller – Phase 2: EvaluRate Your VARs
    • VAR Features Checklist Tool
    • VAR Profile and EvaluRation Tool

    3. Consolidate and reduce

    Assess each VAR for low performance and opportunity to increase value or consolidate to another VAR and reduce redundancy.

    • Maximize Value From Your Value-Added Reseller – Phase 3: Consolidate and Reduce

    4. Maximize their value

    Micro-manage your primary VARs to ensure performance to commitments and maximize their value.

    • Maximize Value From Your Value-Added Reseller – Phase 4: Maximize Their Value
    • VAR Information and Scorecard Workbook
    [infographic]

    Social Media Management Software Selection Guide

    • Buy Link or Shortcode: {j2store}570|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Marketing Solutions
    • Parent Category Link: /marketing-solutions
    • Social media has changed the way businesses interact with their customers. It is essential to engage with your customers regularly and in a timely manner.
    • Businesses must stay on top of the latest news and update the public regarding the status of downtime or any mishaps.
    • Customers are present in multiple social media platforms, and it is important for businesses to engage with all audiences without alienating one group.

    Our Advice

    Critical Insight

    • There are many social media platforms, and any post, image, or other content must be uploaded on all the platforms with minimal delay.
    • It is often difficult to manage replies and responses to all social media platforms promptly.
    • Measuring key performance metrics is crucial to obtain targeted ROI. Calculating ROI across multiple platforms with various audiences is a challenge.

    Impact and Result

    • A business’ social media presence is an extension of the organization, and the social media management strategy must align with the organization's values.
    • Choose a social media management platform that is right for you by aligning your needs without falling for bells and whistles. Vendors offer a lot of features that are not helpful for most day-to-day activities.
    • Ensure the social media management platform has support and integrations for all the platforms that you require.

    Social Media Management Software Selection Guide Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Social Media Management Software Selection Guide – A deck outlining the features of SMMP tools and top vendors in the marketspace.

    This research offers insight into web analytic tools, key trends in the marketspace, and advanced web analytics techniques. It also provides an overview of the ten top vendors in the marketspace.

    • Social Media Management Software Selection Guide Storyboard
    [infographic]

    Further reading

    Social Media Management Software Selection Guide

    Identify the best tools for your social media management needs.

    Analyst Perspective

    Connecting through social media is an essential way to understand and engage with your customers.

    Social media management platforms (SMMP) allow businesses to engage with customers more efficiently. Ten years ago, Facebook and Twitter dominated the social media space, but many alternatives have emerged that attract a wide variety of audiences today. Every social media platform has a unique demographic; for instance, LinkedIn attracts an audience looking to develop their professional career, while Snapchat attracts those who want to share their everyday casual experience.

    It is important for businesses and brands to engage with all kinds of audiences without alienating a certain group. Domino's, for example, can sell pizzas to business professionals and teenagers alike, so connecting with both customer segments via personalized and meaningful posts in their preferred platform is a great way to grow their business.

    To successfully implement a social media management platform, organizations need to ensure they have their requirements and business needs shortlisted and choose vendors that ensure the best return on investment (ROI).

    An image of Sai Krishna Rajaramagopalan
    Sai Krishna Rajaramagopalan
    Research Specialist, Customer Experience & Application Insights
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    • Social media has changed the way businesses interact with customers. It is essential to engage with your them regularly and in a timely manner.
    • Businesses must stay on top of the latest news and update the public regarding any downtime or mishaps.
    • Customers are present on multiple social media platforms, and businesses need to engage all audiences without neglecting or alienating any one group.

    Common Obstacles

    • There are many social media platforms, and any post, image, or other content must be uploaded on every platform with minimal delay.
    • It is often difficult to manage audience interaction on all social media platforms in a timely manner.
    • Measuring key performance metrics is crucial to obtaining the targeted ROI. Calculating ROI across multiple platforms with varying audiences is a challenge.

    Info-Tech's Approach

    • Social media presence is an extension of the organization, and the social media management strategy must align with organizational values.
    • Understand your feature requirements and don't for bells and whistles. Vendors offer many features that are not helpful during 80% of day-to-day activities. Choose the SMMP that is right for your organization's needs.
    • Ensure the SMMP has support and integrations for all the platforms that you require.

    Info-Tech Insight

    Choosing a good SMMP is only the first step. Having great social media managers who understand their audience is essential in maintaining a healthy relationship with your audience.

    Guided Implementation

    What does a typical GI on this topic look like?

    Phase 1 Phase 2

    Call #1: Understand what a social media management platform (SMMP) is.
    Call #2: Build the business case to select an SMMP.

    Call #3: Define your key SMMP requirements.
    Call #4: Build procurement items, such as a request for proposal (RFP).
    Call #5: Evaluate the SMMP solution landscape and shortlist viable options.

    A Guided implementation (GI) is a series of calls with an Info-Tech analyst to help implement our best practices in your organization.

    The SMMP selection process should be broken into segments:

    1. SMMP shortlisting with this buyer's guide
    2. Structured approach to selection
    3. Contract review

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.”

    Guided Implementation

    “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.”

    Workshop

    “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.”

    Consulting

    “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”

    Diagnostics and consistent frameworks used throughout all four options

    What exactly is an SMMP platform?

    A social media management platform is a software solution that enables businesses and brands to manage multiple social media accounts. It facilitates making posts, monitoring metrics, and engaging with your audience.

    An SMMP platform offers many key features, including but not limited to the following capabilities:

    • Integrate with popular social media platforms
    • Post images, text, videos on multiple platforms at once
    • Schedule posts
    • Track and monitor activity on social media accounts
    • Send replies and view likes and comments across all accounts
    • Reporting and analytics
    • Send alerts and notifications regarding key events
    • Multilingual support and translation

    Info-Tech Insight

    Social media management platforms have continuously expanded their features list. It is, however, essential not to get lost in endless features to remain competitive and ensure the best ROI.

    Key trends – short-form videos drive the most engagement

    Short-form videos

    Short-form videos are defined as videos less than two minutes long. Shorter videos take substantially less time and effort to consume, making them very attractive for marketing brands to end users. According to a study conducted by Vidyard, more than 50% of viewers end up watching an entire video if it's less than one minute. Another study finds that over 93% of the surveyed brands sold their product or service to a customer through a social media video.

    Popular social media platforms such as TikTok, Instagram, YouTube etc. have caught on to this trend and introduced short-form videos, more commonly called "shorts". It's also common for content creators and brands to cut and upload short clips from longer videos to drive more engagement with viewers.

    Key Trends

    Short-form videos have higher viewership and view time compared to long videos.

    58%

    About 58% of viewers watch the video to the end if it’s under one minute long. A two-minute video manages to keep around 50% of its viewers till the end.
    Source: Oberlo, 2020

    30%

    Short-form videos have the highest ROI of any social media marketing at 30%.
    Source: Influencer Marketing Hub, 2023

    Key trends – influencer marketing

    Influencer marketing

    Influencer marketing is the collaboration of brands with online influencers and content creators across various social media platforms to market their products and services. Influencers are not necessarily celebrities; they can be any individual with a dedicated community. This makes influencers abundant. For instance, compare the number of popular football players with the number of YouTubers on the planet.

    Unlike traditional marketing methods, influencer marketing is effective across different budget levels. This is because the engagement level of small influencers with 10,000 followers is higher than the engagement level of large influencers with millions of followers. If a brand is budget conscious, working with smaller influencers still gives a good ROI. For every dollar spent on influencer marketing, the average ROI is $5.78.

    Key Trends

    61%

    A recent study by Matter found that 61% of consumers trust influencers' recommendations over branded social media content.
    Source: Shopify, 2022

    According to data gathered by Statista, the influencer marketing industry has more than doubled since 2019. It was worth $16.4 billion in 2022.
    Source: Statista, 2023

    Executive Brief Case Study

    INDUSTRY: Retail
    SOURCE: "5 Influencer Marketing Case Studies," HubSpot

    H&M

    H&M was looking to build awareness and desirability around the brand to drive clothing sales during the holiday season. They decided to partner with influencers and align content with each celebrity's personality and lifestyle to create authentic content and messaging for H&M. H&M selected four lesser-known celebrities with highly engaged and devoted social media followings: Tyler Posey, Peyton List, Jana Kramer, and Hannah Simone.

    They posted teaser clips across various platforms to create buzz about the campaign a couple of days before the full, one-minute videos were released. Presenting the content two different times enabled H&M to appeal to more viewers and increase the campaign's visibility. Two of the celebrities, List and Kramer, garnered more views and engagement on the short clip than the full video, highlighting that a great short clip can be more effective than long-form content.

    Results

    The campaign achieved 12 million views on YouTube, 1.3 million likes, 14,000 comments, and 19,000 shares. The average engagement with consumers across all four celebrities was 10%.

    A screenshot of Tyler Posey's sponsored video.

    Tyler Posey's sponsored video achieved:

    • 25% engagement rate on Instagram
    • 14% engagement rate across Facebook, Twitter, and Instagram

    Key trends – social commerce is the future of e-commerce

    Social commerce

    Social commerce is the selling of goods and services through social media. This may involve standalone stores on social media platforms or promotions on these platforms which link to traditional e-commerce platforms.

    Social media platforms contain more data about consumers than traditional platforms, which allows more accurate targeting of ads and promotions. Additionally, social commerce can place ads on popular influencer stories and posts, taking advantage of influencer marketing without directly involving the influencers.

    Popular platforms have opened their own built-in stores. Facebook created Marketplace and Facebook Shops. TikTok soon followed with the TikTok Shopping suite. These stores allow platforms to lower third-party costs and have more control over which products are featured. This also creates a transactional call to action without leaving social media.

    Key Trends

    2020 saw a sizable increase in social commerce occurring on social media networks, with users making purchases directly from their social accounts.

    30.8%

    Sales through social commerce are expected to grow about 30.8% per year from 2020 to 2025. The growth rate is expected to increase to 35% in 2026.
    Source: Oberlo, 2020

    46%

    China has the highest social commerce adoption rate in the world, with 46% of all internet users making at least one purchase. The US is second with a 36% adoption rate.
    Source: Influencer Marketing Hub, 2022

    Executive Brief Case Study

    BestBuy

    The Twitter Shop Module allows select brands to showcase products at the top of Twitter business profiles. Users can scroll through a carousel of products on a brand's profile and tap on individual products to read more and make purchases without leaving the platform.

    While the results of Twitter's Shop Module experiment are still pending, brands aren't waiting around to sell on the platform. Best Buy and others continue to link to well-formatted product pages directly in their Tweets.

    Clear, direct calls to action such as "Pick yours up today" encourage interested audiences to click through, learn more, and review options for purchase. In this social commerce example, Best Buy also makes optimal use of a Tweet's character limit. In just a few words, the brand offers significant savings for a high-quality product, then doubles down with a promotional trade-in offer. Strong imagery is the icing on the cake.

    INDUSTRY: Retail
    SOURCE: "5 genius social commerce examples," Sprout Social, 2021

    Image shows a social media post by Best Buy.

    Key trends – social media risk management is crucial

    Crisis management

    Crisis management is the necessary intervention from an organization when negative news spreads across social media platforms. With how interconnected people are due to social media, news can quickly spread across different platforms.

    Organizations must be prepared for difficult situations such as negative feedback for a product or service, site outages, real-world catastrophes or disasters, and negative comments toward the social media handle. There are tools that organizations can use to receive real-time updates and be prepared for extreme situations.

    While the causes are often beyond control, organizations can prepare by setting up a well-constructed crisis management strategy.

    Key Trends

    75%

    75% of respondents to PwC's Global Crisis Survey said technology has facilitated the coordination of their organization's crisis response team.
    Source: PwC, 2021

    69%

    69% of business leaders reported experiencing a crisis over a period of five years, with the average number of crises being three.
    Source: PwC, 2019

    Executive Brief Case Study

    INDUSTRY: Apparel
    SOURCE: “Social Media Crisis Management 3 Examples Done Right,” Synthesio

    Nike

    On February 20, 2019, Zion Williamson, a star player from Duke University, suffered a knee injury when a malfunctioning Nike shoe fell apart. This accident happened less than a minute into a highly anticipated game against North Carolina. Media outlets and social media users quickly began talking. ESPN had broadcast the game nationally. On Twitter, former President Barack Obama, who was watching the game courtside, expressed his well-wishes to Williamson, as did NBA giants like LeBron James.

    This accident was so high profile that Nike stock dropped 1.7% the following day. Nike soon released a statement expressing its concern and well-wishes for Williamson. The footwear megabrand reassured the world that its teams were "working to identify the issue." The following day, Nike sent a team to Durham, North Carolina, where the game took place. This team then visited Nike's manufacturing site in China and returned with numerous suggestions.

    About a month later, Williamson returned to the court with custom shoes, which he told reporters were "incredible." He thanked Nike for creating them.

    An image of a post by Time about Zion Williamson's injury.

    Get to know the key players in the SMMP landscape

    These next slides provide a top-level overview of the popular players you will encounter in the SMMP shortlisting process.

    A collection of the logos for the SMPP key players, discussed later in this blueprint.

    Evaluate software category leaders through vendor rankings and awards

    SoftwareReviews

    An Image of SoftwareReviews data quadrant analysis

    The data quadrant is a thorough evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.
    Vendors are ranked by their composite score, based on individual feature evaluations, user satisfaction rankings, vendor capability comparisons, and likeliness to recommend the platform.

    An image of SoftwareReviews Emotional Footprint.

    The emotional footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.
    Vendors are ranked by their customer experience (CX) score, which combines the overall emotional footprint rating with a measure of the value delivered by the solution.

    Speak with category experts to dive deeper into the vendor landscape

    SoftwareReviews

    CLICK HERE to ACCESS

    Comprehensive software reviews

    to make better IT decisions

    We collect and analyze the most detailed reviews on enterprise software from real users to give you an unprecedented view into the product and vendor before you buy.

    Fact-based reviews of business software from IT professionals.

    Product and category reports with state-of-the-art data visualization.

    Top-tier data quality backed by a rigorous quality assurance process.

    User-experience insight that reveals the intangibles of working with a vendor.

    SoftwareReviews is powered by Info-Tech

    Technology coverage is a priority for Info-Tech and SoftwareReviews provides the most comprehensive unbiased data on today's technology. Combined with the insight of our expert analysts, our members receive unparalleled support in their buying journey.

    The logo for HubSpot

    Est. 2006 | MA, USA | NYSE: HUBS

    bio

    From attracting visitors to closing customers, HubSpot brings the entire marketing funnel together for less hassle, more control, and an inbound marketing strategy.

    An image of SoftwareReviews analysis for HubSpot

    SoftwareReviews' SMMP Rankings

    Strengths:

    • Extensive functionality
    • Great for midmarket and large enterprises
    • Offers free trial

    Areas to improve:

    • Comparatively expensive
    • Steep price increase between various tiers of offering

    The logo for HubSpot

    *Pricing correct as of November 2022. Listed in USD and absent discounts.
    See pricing on vendor's website for latest information.

    HubSpot offers a robust social media management platform that enables organizations to run all social media campaigns from a central location. HubSpot is suitable for a range of midmarket and enterprise use cases. HubSpot offers a free base version of the platform that freelancers and start-ups can take advantage of. The free version can also be used to trial the product prior to deciding on purchase.

    However, HubSpot is relatively expensive compared to its competitors. The free tools are not sustainable for growing businesses and some essential features are locked behind professional pricing. The price increase from one tier to another – specifically from starter to professional – is steep, which may discourage organizations looking for a "cheap and cheerful" product.

    History

    An image of the timeline for HubSpot

    Starter

    • Starts at $45
    • Per month
    • Small businesses

    Professional

    • Starts at $800
    • Per month
    • Medium/large businesses

    Enterprise

    • Starts at $3600
    • Per month
    • Large enterprises

    The logo for Sprout Social

    Est. 2010 | IL, USA | NASDAQ: SPT

    bio

    People increasingly turn to social media to engage with your business. Sprout Social provides powerful tools to personally connect with customers, solve issues, and create brand advocates.

    An image of SoftwareReviews analysis for Sprout Social

    SoftwareReviews' SMMP Rankings

    Strengths:

    • Automated response feature
    • Great price for base offering

    Areas to improve:

    • Advanced features are very expensive
    • No free trial offered

    The logo for Sprout Social

    *Pricing correct as of November 2022. Listed in USD and absent discounts.
    See pricing on vendor's website for latest information.

    Sprout Social offers strong social feed management and social customer service capabilities. It also provides powerful analytical tools to monitor multiple social media accounts. The listening functionality helps discover trends and identify gaps and opportunities. It is also one of the very few platforms to provide automated responses to incoming communications, easing the process of managing large and popular brands.

    Although the starting price of each tier is competitive, advanced analytics and listening come at a steep additional cost. Adding one additional user to the professional tier costs $299 which is a 75% increase in cost. Sprout Social does not offer a free tier for small businesses to trial.

    History

    An image of the timeline for Sprout Social

    Standard

    • Starts at $249
    • Per month
    • Small businesses
    • Five social profiles

    Professional

    • Starts at $399
    • Per month
    • Medium/large businesses

    Advanced

    • Starts at $499
    • Per month
    • Medium/large businesses

    Enterprise

    • Opaque pricing
    • Request a quote
    • Large enterprises

    The logo for Hootsuite

    Est. 2008 | BC, CANADA |PRIVATE

    bio

    Manage social networks, schedule messages, engage your audiences, and measure ROI right from the dashboard.

    SoftwareReviews' SMMP Rankings

    Strengths:

    • Automatic scheduling functionality
    • Competitor analysis
    • 30-day free trial

    Areas to improve:

    • Advanced functionalities require additional purchase and are expensive

    The logo for Hootsuite

    *Pricing correct as of November 2022. Listed in USD and absent discounts.
    See pricing on vendor's website for latest information.

    Hootsuite is one of the largest players in the social media management space with over 18 million users. The solution has great functionality covering all the popular social media platforms like Facebook, Instagram, Twitter, and Pinterest. One popular and well-received feature is the platform’s ability to schedule posts in bulk. Hootsuite also provides an automatic scheduling feature that uses algorithms to determine the optimal time to post to maximize viewership and engagement. Additionally, the platform can pull analytics for all competitors in the same marketspace as the user to compare performance.

    Hootsuite offers buyers a 30-day free trial to familiarize with the platform and provides unlimited post scheduling across all their plans. Features like social listening, employee advocacy, and ROI reporting, however, are not included in these plans and require additional purchase.

    History

    An image of the timeline for Hootsuite

    Professional

    • Starts at $49*
    • Per month
    • 1 user and 10 social accounts

    Team

    • Starts at $249*
    • Per month
    • 3 users and 20 social accounts

    Business

    • Starts at $739*
    • Per month
    • 5 users and 35 social accounts

    Enterprise

    • Custom built and priced
    • Starts at 5 users and 50 social accounts

    The logo for Sprinklr

    Est. 2009 | NY, USA | NYSE: CXM

    bio

    With social engagement & sales, you can deliver a positive experience that's true to your brand - no matter where your customers are digitally - from a single, unified platform.

    An image of SoftwareReviews analysis for Sprinklr

    SoftwareReviews' SMMP Rankings

    Strengths

    • Extensive social analytics functionality
    • Advertising and sales capabilities

    Areas to improve:

    • Not suitable for small to medium businesses
    • Opaque pricing

    The logo for Sprinklr

    Sprinklr is a vendor focused on enterprise-grade capabilities that offers a comprehensive unified customer experience management (CXM) platform.

    Their product portfolio offers an all-in-one solution set with an extensive list of features to accommodate all marketing and communication needs. Sprinklr comes integrated with products consisting of advertising, marketing, engagement, and sales capabilities. Some of the key functionality specific to social media includes sentiment analysis, social reporting, advanced data filtering, alerts and notifications, competitor analysis, post performance, and hashtag analysis.

    History

    An image of the timeline for Sprinklr

    Sprinklr – Opaque Pricing:
    "Request a Demo"

    The logo for Zoho Social

    Est. 1996 | TN, INDIA | PRIVATE

    bio

    Zoho Social is a complete social media management tool for growing businesses & agencies. It helps schedule posts, monitor mentions, create unlimited reports, and more. Zoho Social is from Zoho.com—a suite of 40+ products trusted by 30+ million users.

    An image of SoftwareReviews analysis for Zoho Social” data-verified=

    SoftwareReviews' SMMP Rankings

    Strengths:

    • Provides integration capabilities with other Zoho products
    • Competitive pricing

    Areas to improve:

    • Base functionality is limited
    • The two starting tiers are limited to one user

    The logo for Zoho Social

    *Pricing correct as of August 2021. Listed in USD and absent discounts.
    See pricing on vendor's website for latest information.

    Zoho differentiates itself from competitors by highlighting integration with other products under the Zoho umbrella – their adjacent tool sets allow organizations to manage emails, projects, accounts, and webinars. Zoho also offers the choice of purchasing their social media management tool without any of the augmented CRM capabilities, which is priced quite competitively.

    The social media management tools are offered in three plans. Each plan allows the ability to publish and schedule posts across nine platforms, access summary reports and analytics, and access a Bit.ly integration & URL shortener. The standard and professional plans are limited to one brand and one team member, with the option to add team members or social channels for an additional cost.

    YouTube support is exclusive to the premium offering.

    History

    An image of the timeline for Zoho Social

    Standard

    • Starts at $10*
    • Per month, billed annually
    • 9 channels and 1 team member

    Professional

    • Starts at $30*
    • Per month, billed annually
    • Option to add team members for additional cost

    Premium

    • Starts at $40*
    • Per month, billed annually
    • Starts at 10 channels and 3 team members

    The logo for MavSocial

    Est. 2012 | CA, USA | PRIVATE

    bio

    MavSocial is a multi-award-winning, fully integrated social media management & advertising solution for brands and agencies.

    An image of SoftwareReviews analysis for MavSocial

    SoftwareReviews' SMMP Rankings

    Strengths

    • Content management capabilities
    • Offers millions of stock free images

    Areas to improve:

    • Limited market footprint compared to competitors
    • Not ideal for large enterprises

    The logo for MavSocial

    *Pricing correct as of November 2022. Listed in USD and absent discounts.
    See pricing on vendor's website for latest information.

    In addition to social media management, MavSocial is also an excellent content management tool. A centralized platform is offered that can store many photos, videos, infographics, and more, which can be accessed anytime. The solution comes with millions of free stock images to use. MavSocial is a great hybrid social media and content management solution for small and mid-sized businesses and larger brands that have dedicated teams to manage their social media. MavSocial also offers campaign planning and management, scheduling, and social inbox functionality. The entry-level plan starts at $78 per month for three users and 30 profiles. The enterprise plan offers fully configurable and state-of-the-art social media management tools, including the ability to manage Facebook ads.

    History

    An image of the timeline for MavSocial

    Pro

    • Starts at $78*
    • Per month
    • Max. 3 users and 30 Profiles

    Business

    • Starts at $249*
    • Per month
    • 5 users, 40 profiles
    • Ability to expand users and profiles

    Enterprise

    • Starts at $499*
    • Per month
    • Fully customized

    The logo for Khoros

    Est. 2019 | TX, USA | PRIVATE

    bio

    Use the Khoros platform (formerly Spredfast + Lithium) to deliver an all-ways connected experience your customers deserve.

    An image of SoftwareReviews analysis for Khoros

    SoftwareReviews' SMMP Rankings

    Strengths

    • Offers a dedicated social strategic service team
    • Extensive functionality

    Areas to improve:

    • Opaque pricing
    • Not suitable for small or medium businesses

    The logo for Khoros

    Khoros is the result of the merger between two social marketing platforms - Spredfast and Lithium. The parent companies have over a decade of experience offering social management tools. Khoros is widely used among many large brands such as StarHub and Randstad. Khoros is another vendor that is primarily focused on large enterprises and does not offer plans for small/medium businesses. Khoros offers a broad range of functionality such as social media marketing, customer engagement, and brand protection with visibility and controls over social media presence. Khoros also offers a social strategic services team to manage content strategy, brand love, reporting, trend tracking, moderation, crisis and community management; this team can be full service or a special ops extension of your in-house crew.

    History

    An image of the timeline for Khoros

    Khoros – Opaque Pricing:
    "Request a Demo"

    The logo for Sendible

    Est. 2009 | UK | PRIVATE

    bio

    Sendible allows you to manage social networks, schedule messages, engage your audiences, and measure ROI right from one easy-to-use dashboard.

    An image of SoftwareReviews analysis for Sendible

    SoftwareReviews' SMMP Rankings

    Strengths

    • Great integration capabilities
    • Competitive pricing
    • Scheduling functionality

    Areas to improve:

    • Limited footprint compared to competitors
    • Better suited for agencies

    The logo for Sendible

    *Pricing correct as of November 2022. Listed in USD and absent discounts.
    See pricing on vendor's website for latest information.

    Sendible primarily markets itself to agencies rather than individual brands or businesses. Sendible's key value proposition is its integration capabilities. It can integrate with 17 different tools including Meta, Twitter, Instagram, LinkedIn, Google My Business (GMB), YouTube, WordPress, Canva, Google Analytics, and Google Drive. In addition to normal reporting functionality, the Google Analytics integration allows customers to track clickthrough and user behavior for traffic coming from social media channels.

    All plans include the functionality to schedule at least ten posts. Sendible offers excellent collaboration tools, allowing teams to work on assigned tasks and have content approved before they are scheduled to ensure quality control. Sendible offers four plans, with the option to save an additional 15% by signing up for annual payments.

    History

    An image of the timeline for Sendible

    Creator

    • Starts at $29
    • Price per month
    • For freelancers
    • One brand

    Traction

    • Starts at $89
    • Price per month
    • Start-up agencies & brands. 4+ brands

    Scale

    • Starts at $199
    • Price per month
    • For growing agencies & brands

    Custom

    • Opaque pricing
    • Request a quote
    • For large teams & agencies

    The logo for Agorapulse

    Est. 2010 | FRANCE | PRIVATE

    bio

    Agorapulse is an affordable social media dashboard that helps businesses and agencies easily publish content and manage their most important conversations on their social networks.

    An image of SoftwareReviews analysis for Agorapulse

    SoftwareReviews' SMMP Rankings

    Strengths

    • ROI calculation for Facebook
    • Competitor analysis
    • Social inbox functionality

    Areas to improve:

    • Targeted toward agencies
    • Advanced features can't be purchased under lower tier plans

    The logo for Agorapulse

    *Pricing correct as of November 2022. Listed in USD and absent discounts.
    See pricing on vendor's website for latest information.

    Although Agorapulse offers the solution for both agencies and business, they primarily focus on agencies. In addition to the standard social media management functionality, Agorapulse also offers features such as competitor analysis and Facebook contest apps at an affordable price point. They also offer social inbox functionality, allowing the ability to manage the inbox and reply to any message or comment across all social profiles through a single platform.

    The solution is offered in three plans. The pro plan allows ten social profiles and two users. Additional social profiles and users can only be purchased under the premium plan. All plans include ROI calculation for Facebook, but if you want this functionality for other platforms, that's exclusive to the enterprise plan.

    History

    An image of the timeline for Agorapulse

    Pro

    • Starts at $79
    • Price per month
    • 10 social profiles and 2 users

    Premium

    • Starts at $199
    • Price per month
    • 20 social profiles and 2 brands

    Enterprise

    • Opaque pricing
    • 40+ social profiles and 8+ users

    The logo for Buffer

    Est. 2010 | CA, USA | PRIVATE

    bio

    A better way to manage social media for your business. Buffer makes it easy to manage your business' social media accounts. Schedule posts, analyze performance, and collaborate with your team — all in one place.

    An image of SoftwareReviews analysis for Buffer

    SoftwareReviews' SMMP Rankings

    Strengths

    • Competitive pricing
    • Scheduling functionality
    • Mobile app

    Areas to improve:

    • Not suited for medium to large enterprises
    • Limited functionality

    The logo for Buffer

    *Pricing correct as of November 2022. Listed in USD and absent discounts.
    See pricing on vendor's website for latest information.

    Buffer is a social media platform targeted toward small businesses. It is a great cost-effective option for those who want to manage a few social media profiles, with a free plan that lets one user access three social channels. At $5 per month, it's a great entry point for smaller companies to invest in social media management tools, offering functionality like post scheduling and link shortening and optimization tools for hashtags, tags, and mentions across platforms. All plans provide a browser extension, access to a mobile app, two-factor authentication, social media and email support, and access to the Buffer community. Customers can also trial any of the plans for 14 days before purchasing.

    history

    An image of the timeline for Buffer

    Essentials

    • Starts at $5
    • Per month per channel
    • Basic functionality

    Team

    • Starts at $10
    • Per month per channel
    • Adds reporting capabilities

    Agency

    • Starts at $100
    • Per month per channel

    Leverage Info-Tech's research to plan and execute your SMMP implementation

    Use Info-Tech Research Group's three-phase implementation process to guide your own planning.

    • Assess
    • Prepare
    • Govern & Course Correct

    An image of the title page for Info-Tech's governance and management of enterprise software implementation

    Establish and execute an end-to-end, Agile framework to succeed with the implementation of a major enterprise application.

    Visit this link

    Ensure your implementation team has a high degree of trust and communication

    If external partners are needed, dedicate an internal resource to managing vendor and partner relationships.

    Communication

    Teams must have a communication strategy. This can be broken into:

    • Regularity: Having a set time each day to communicate progress and a set day to conduct retrospectives.
    • Ceremonies: Introducing awards and continually emphasizing delivery of value can encourage relationship building and constructive motivation.
    • Escalation: Voicing any concerns and having someone responsible for addressing those concerns.

    Proximity

    Distributed teams create complexity as communication can break down. This can be mitigated by:

    • Location: Placing teams in proximity can close the barrier of geographical distance and time zone differences.
    • Inclusion: Making a deliberate attempt to pull remote team members into discussions and ceremonies.
    • Communication tools: Having the right technology (e.g. video conference) can help bring teams closer together virtually.

    Trust

    Members should trust other members to contribute to the project and complete required tasks on time. Trust can be developed and maintained by:

    • Accountability: Having frequent quality reviews and feedback sessions. As work becomes more transparent, people become more accountable.
    • Role clarity: Having a clear definition of everyone's role.

    Summary of Accomplishment

    Knowledge Gained

    • What a social media management platform (SMMP) is
    • The history of SMMP
    • The future of SMMP
    • Key trends in SMMP

    Processes Optimized

    • Requirements gathering
    • Requests for proposal (RFPs) and contract reviews
    • SMMP vendor selection
    • SMMP implementation

    SMMP Vendors Analyzed

    • Sprout Social
    • HubSpot
    • Zoho Social
    • Khoros
    • Agorapulse
    • Hootsuite
    • Sprinklr
    • MavSocial
    • Sendible
    • Buffer

    Related Info-Tech Research

    Select and Implement a Social Media Management Platform

    • SMMPs reduce complexity and increase the results of enterprise social media initiatives.

    Social Media

    • The Social Media workshop provides clear, measurable improvements to your social media strategy.

    Improve Requirements Gathering

    • An improvement in requirements analysis will strengthen the relationship between business and IT, as more and more applications satisfy stakeholder needs. More importantly, the applications delivered by IT will meet all the must-have and at least some of the nice-to-have requirements, allowing end users to successfully execute their day-to-day responsibilities.

    Bibliography

    "30+ Influencer Marketing Statistics You Should Know (2022)." Shopify, www.shopify.com/blog/influencer-marketing-statistics.
    "A Brief History of Hootsuite." BrainStation®, 2015, https://brainstation.io/magazine/a-brief-history-of-hootsuite#:~:text=In%202008%2C%20Vancouver%2Dbased%20digital,accounts%20from%20a%20single%20interface.&text=In%202009%2C%20BrightKit's%20name%20changed,a%20capital%20%E2%80%9CS%E2%80%9D).
    "About Us." Sprout Social, https://sproutsocial.com/about/#history
    "About Zoho - Our Story, List of Products." Zoho, www.zoho.com/aboutus.html.
    Adam Rowe, et al. "Sprout Social vs Hootsuite - Which Is Best?: Tech.co 2022." Tech.co, 15 Nov. 2022, https://tech.co/digital-marketing/sprout-social-vs-hootsuite
    "Agorapulse Customer Story: Twilio Segment." Segment, https://segment.com/customers/agorapulse/
    "Agorapulse - Funding, Financials, Valuation & Investors." Crunchbase, www.crunchbase.com/organization/agorapulse/company_financials.
    "Agorapulse Release Notes." Agorapulse Release Notes, https://agorapulse.releasenotes.io/
    "Buffer - Funding, Financials, Valuation & Investors." Crunchbase, www.crunchbase.com/organization/buffer/company_financials.
    Burton, Shannon. "5 Genius Social Commerce Examples You Can Learn From." Sprout Social, 28 Oct. 2021, https://sproutsocial.com/insights/social-commerce-examples/ .
    Chris Gillespie. "How Long Should a Video Be." Vidyard, 17 May 2022, www.vidyard.com/blog/video-length/.
    "Consumers Continue to Seek Influencers Who Keep It Real." Matter Communications, 22 Feb 2023. https://www.matternow.com/blog/consumers-seek-influencers-who-keep-it-real/
    "Contact Center, Communities, & Social Media Software." Khoros, https://khoros.com/about.
    Fennell, Kylie, et al. "Blog." MavSocial, https://mavsocial.com/blog/.
    Fuchs, Jay. "24 Stats That Prove Why You Need a Crisis Management Strategy in 2022." HubSpot Blog, HubSpot, 16 Mar. 2022, https://blog.hubspot.com/service/crisis-management-stats
    Geyser, Werner. "Key Social Commerce Statistics You Should Know in 2022." Influencer Marketing Hub, http://influencermarketinghub.com/social-commerce-stats/
    "Global Crisis Survey 2021: Building resilience for the next normal." PwC, 2021. https://www.pwc.com/ia/es/prensa/pdfs/Global-Crisis-Survey-FINAL-March-18.pdf
    "Global Influencer Marketing Value 2016-2022." Statista, 6 Jan 2023, www.statista.com/statistics/1092819/global-influencer-market-size/.
    "Key Social Commerce Statistics You Should Know in 2023." Influencer Marketing Hub, December 29, 2022. https://influencermarketinghub.com/social-commerce-stats/
    "Khoros - Funding, Financials, Valuation & Investors." Crunchbase, www.crunchbase.com/organization/spredfast/company_financials.
    Lin, Ying. "Social Commerce Market Size (2020–2026) ", Oberlo, Oberlo, www.oberlo.com/statistics/social-commerce-market-size#:~:text=Social%20commerce%20statistics%20show%20that,fastest%20and%20slowest%20growth%20rates.
    Mediakix, "5 Influencer Marketing Case Studies." HubSpot, n.d. https://cdn2.hubspot.net/hubfs/505330/Influencer-Marketing-5-Case-Studies-Ebook.pdf.
    "Our Story: HubSpot - Internet Marketing Company." HubSpot, www.hubspot.com/our-story .
    PricewaterhouseCoopers. "69% Of Business Leaders Have Experienced a Corporate Crisis in the Last Five Years Yet 29% of Companies Have No Staff Dedicated to Crisis Preparedness." PwC, 2019. www.pwc.com/gx/en/news-room/press-releases/2019/global-crisis-survey.html.
    Ferris, Robert. "Duke Player Zion Williamson Injured When Nike Shoe Blows Apart during Game." CNBC, CNBC, 21 Feb. 2019, www.cnbc.com/2019/02/21/duke-player-zion-williamson-injured-when-nike-shoe-blows-apart-in-game.html.
    "Social Engagement & Sales Platform." Sprinklr, www.sprinklr.com/social-engagement/.
    "Social Media Analytics & Reporting for Growing Brands." Buffer, https://buffer.com/analyze
    "Social Media Management and Advertising Tool." MavSocial, 30 July 2022, https://mavsocial.com/
    "Social Media Management Software." HubSpot, www.hubspot.com/products/marketing/social-inbox.
    "Social Media Management Software - Zoho Social." Zoho, www.zoho.com/social/
    "Social Media Management Tool for Agencies & Brands." Sendible, www.sendible.com/.
    "Social Media Management Tools." Sprout Social, 6 Sept. 2022, https://sproutsocial.com/social-media-management/
    "Social Media Marketing & Management Platform For Enterprises." Khoros, khoros.com/platform/social-media-management.
    "Social Media Monitoring Tool." Agorapulse, www.agorapulse.com/features/social-media-monitoring/.
    "Top 12 Moments in SPRINKLR's History." Sprinklr, www.sprinklr.com/blog/12-moments-sprinklr-history/.
    Twitter, BestBuy, https://twitter.com/BestBuyCanada
    "The Ultimate Guide to Hootsuite." Backlinko, 10 Oct. 2022, https://backlinko.com/hub/content/hootsuite
    Widrich, Leo. "From 0 to 1,000,000 Users: The Journey and Statistics of Buffer." Buffer Resources, Buffer Resources, 8 Dec. 2022, buffer.com/resources/from-0-to-1000000-users-the-journey-and-statistics-of-buffer/.
    Yeung, Carmen. "Social Media Crisis Management 3 Examples Done Right." Synthesio, 19 Nov. 2021, www.synthesio.com/blog/social-media-crisis-management/.

    Initiate Your Service Management Program

    • Buy Link or Shortcode: {j2store}398|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Service Management
    • Parent Category Link: /service-management
    • IT organizations continue attempting to implement service management, often based on ITIL, with limited success and without visible value.
    • More than half of service management implementations have failed beyond simply implementing the service desk and the incident, change, and request management processes.
    • Organizational structure, goals, and cultural factors are not considered during service management implementation and improvement.
    • The business lacks engagement and understanding of service management.

    Our Advice

    Critical Insight

    • Service management is an organizational approach. Focus on producing successful and valuable services and service outcomes for the customers.
    • All areas of the organization are accountable for governing and executing service management. Ensure that you create a service management strategy that improves business outcomes and provides the value and quality expected.

    Impact and Result

    • Identified structure for how your service management model should be run and governed.
    • Identified forces that impact your ability to oversee and drive service management success.
    • Mitigation approach to restraining forces.

    Initiate Your Service Management Program Research & Tools

    Start here – read the Executive Brief

    Read this Executive Brief to understand why service management implementations often fail and why you should establish governance for service management.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify the level of oversight you need

    Use Info-Tech’s methodology to establish an effective service management program with proper oversight.

    • Service Management Program Initiation Plan
    [infographic]

    Select Your Data Platform

    • Buy Link or Shortcode: {j2store}346|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $62,999 Average $ Saved
    • member rating average days saved: 20 Average Days Saved
    • Parent Category Name: Data Management
    • Parent Category Link: /data-management

    Every organization needs a data management (DM) platform that enables the DM capabilities required. This could be a daunting task because:

    • Every organization has a unique set of requirements for the DM platform.
    • Software products are difficult to compare because every vendor provides a unique set of features.
    • Software vendors are interested in getting as large a footprint as possible.
    • Some products from different categories offer the same functionalities.
    • Some products are just not compatible.

    Our Advice

    Critical Insight

    • Technology requirements start with the business goals.
    • Data platform selection should be based on common best practices and, at the same time, be optimized for the organization’s specific needs and goals and support an evolutionary platform development.
    • What is best for one organization may be totally unacceptable for another – all for very valid reasons.

    Impact and Result

    Understand your current environment and use proven reference architecture patterns to expedite building the data management platform that matches your needs.

    • Use a holistic approach.
    • Understand your goals and priorities.
    • Picture your target-state architecture.
    • Identify your current technology coverage.
    • Select the software covering the gaps in technology enablement based on feature/functional enablement descriptions as well as vendor and deployment preferences.

    Select Your Data Platform Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out what challenges are typically in the way of designing a data platform, review Info-Tech’s methodology, and understand how we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Select your data platform

    Assess your current environment, find the right reference architecture pattern, and match identified capabilities with software features.

    • Data Platform Design Assessment
    • Reference Architecture Pattern

    Infographic

    Identify and Manage Reputational Risk Impacts on Your Organization

    • Buy Link or Shortcode: {j2store}220|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management

    Access to information about companies is more available to consumers than ever. Organizations must implement mechanisms to monitor and manage how information is perceived to avoid potentially disastrous consequences to their brand reputation.

    A negative event could impact your organization's reputation at any given time. Make sure you understand where such events may come from and have a plan to manage the inevitable consequences.

    Our Advice

    Critical Insight

    • Identifying and managing a vendor’s potential impact on your organization’s reputation requires efforts from multiple people in the organization across several functions. Those people all need coaching on the potential changes in the market and how social media can affect your brand.
    • Organizational leadership is often caught unaware during crises, and their response plans lack the flexibility to adjust to significant market upheavals.

    Impact and Result

    • Vendor management practices educate organizations on the different potential risks to vendors in your market and suggest creative and alternative ways to avoid and help manage them.
    • Prioritize and classify your vendors with quantifiable, standardized rankings.
    • Prioritize focus on your high-risk vendors.
    • Standardize your processes for identifying and monitoring vendor risks to manage potential impacts on your reputation and brand with our Reputational Risk Impact Tool.

    Identify and Manage Reputational Risk Impacts on Your Organization Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Identify and Manage Reputational Risk Impacts on Your Organization Deck – Use the research to better understand the negative impacts of vendor actions on your brand reputation.

    Use this research to identify and quantify the potential reputational impacts caused by vendors. Use Info-Tech's approach to look at the reputational impact from various perspectives to better prepare for issues that may arise.

    • Identify and Manage Reputational Risk Impacts on Your Organization Storyboard

    2. Reputational Risk Impact Tool – Use this tool to help identify and quantify the reputational impacts of negative vendor actions.

    By playing the “what if” game and asking probing questions to draw out – or eliminate - possible negative outcomes, everyone involved adds their insight into parts of the organization to gather a comprehensive picture of potential impacts.

    • Reputational Risk Impact Tool
    [infographic]

    Further reading

    Identify and Manage Reputational Risk Impacts on Your Organization

    Brand reputation is the most valuable asset an organization can protect.

    Analyst Perspective

    Organizations must diligently assess and protect their reputations, both in the market and internally.

    Social media, unprecedented access to good and bad information, and consumer reliance on others’ online opinions force organizations to dedicate more resources to protecting their brand reputation than ever before. Perceptions matter, and you should monitor and protect the perception of your organization with as much rigor as possible to ensure your brand remains recognizable and trusted.

    Photo of Frank Sewell, Research Director, Vendor Management, Info-Tech Research Group.

    Frank Sewell
    Research Director, Vendor Management
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Access to information about companies is more available to consumers than ever. A negative event could impact your organizational reputation at any time. As a result, organizations must implement mechanisms to monitor and manage how information is perceived to avoid potentially disastrous consequences to their brand reputation.

    Make sure you understand where negative events may come from and have a plan to manage the inevitable consequences.

    Common Obstacles

    Identifying and managing a vendor’s potential impact on your organization’s reputation requires efforts from multiple people in the organization across several functions. Those people all need coaching on the potential changes in the market and how social media can affect your brand.

    Organizational leadership is often caught unaware during crises, and their response plans lack the flexibility to adjust to significant market upheavals.

    Info-Tech’s Approach

    Vendor management practices educate organizations on the different potential risks to vendors in your market and suggest creative and alternative ways to avoid and help manage them.

    Prioritize and classify your vendors with quantifiable, standardized rankings.

    Prioritize focus on your high-risk vendors.

    Standardize your processes for identifying and monitoring vendor risks to manage potential impacts on your reputation and brand with our Reputational Risk Impact Tool.

    Info-Tech Insight

    Organizations must evolve their risk assessments to be more adaptive to respond to rapid changes in online media. Ongoing monitoring of social media and the vendors tied to their company is imperative to achieving success and avoiding reputational disasters.

    Info-Tech’s multi-blueprint series on vendor risk assessment

    There are many individual components of vendor risk beyond cybersecurity.

    Cube with each multiple colors on each face, similar to a Rubix cube, and individual components of vendor risk branching off of it: 'Financial', 'Reputational', 'Operational', 'Strategic', 'Security', and 'Regulatory & Compliance'.

    This series will focus on the individual components of vendor risk and how vendor management practices can facilitate organizations’ understanding of those risks.

    Out of scope:
    This series will not tackle risk governance, determining overall risk tolerance and appetite, or quantifying inherent risk.

    Reputational risk impacts

    Potential losses to the organization due to risks to its reputation and brand

    In this blueprint, we’ll explore reputational risks (risks to the brand reputation of the organization) and their impacts.

    Identify potentially negative events to assess the overall impact on your organization and implement adaptive measures to respond and correct.

    Cube with each multiple colors on each face, similar to a Rubix cube, and the vendor risk component 'Reputational' highlighted.

    Protect your most valuable asset: your brand

    25%

    of a company’s market value is due to reputation (Transmission Private, 2021)

    94%

    of consumers say that a bad review has convinced them to avoid a business (ReviewTrackers, 2022)

    14 hours

    is the average time it takes for a false claim to be corrected on social media (Risk Analysis, 2018)
    Image of an umbrella covering the word 'BRAND' and three arrows approaching from above.

    What is brand recognition?

    And the cost of rebranding

    Brand recognition is the ability of consumers to recognize an identifying characteristic of one company versus a competitor.” (Investopedia)

    Most trademark valuation is based directly on its projected future earning power, based on income history. For a new brand with no history, evaluators must apply experience and common sense to predict the brand's earning potential. They can also use feedback from industry experts, market surveys, and other studies.” (UpCounsel)

    The cost of rebranding for small to medium businesses is about 10 to 20% of the recommended overall marketing budget and can take six to eight months (Ignyte).

    Stock image of a house with a money sign chimney.

    "All we are at our core is our reputation and our brand, and they are intertwined." (Phil Bode, Principal Research Director, Info-Tech Research Group)

    What your vendor associations say about you

    Arrows of multiple colors coalescing in an Earth labelled 'Your Brand', and then a red arrow that reads 'Reputation' points to the terms on the right.

    Bad Customer Reviews

    Breach of Data

    Poor Security Posture

    Negative News Articles

    Public Lawsuits

    Poor Performance

    How a major vendor protects its brand

    An ideal state
    • There is a dedicated brand protection department.
    • All employees are educated annually on brand protection policies and procedures.
    • Brand protection is tied to cybersecurity.
    • The organization actively monitors its brand and reputation through various media formats.
    • The organization has criteria for assessing x-party vendors and holds them accountable through ongoing monitoring and validation of their activities.

    Brand Protection
    Done Right

    Sticker for a '5 Star Rating'.

    Never underestimate the power of local media on your profits

    Info-Tech Insight

    Keep in mind that too much exposure to media can be a negative in that it heightens the awareness of your organization to outside actors. If you do go through a period of increased exposure, make sure to advance your monitoring practices and vigilance.

    Story: Restaurant data breach

    Losing customer faith

    A popular local restaurant’s point of service (POS) machines were breached and the credit card data of their customers over a two-week period was stolen. The restaurant did the right thing: they privately notified the affected people, helped them set up credit monitoring services, and replaced their compromised POS system.

    Unfortunately, the local newspaper got wind of the breach. It published the story, leaving out that the restaurant had already notified affected customers and had replaced their POS machines.

    In response, the restaurant launched a campaign in the local paper and on social media to repair their reputation in the community and reassure people that they could safely transact at their business.

    For at least a month, the restaurant experienced a drastic decrease in revenue as customers either refused to come in to eat or paid only in cash. During this same period the restaurant was spending outside their budget on the advertising.
    Broken trust.

    Story: Monitor your subcontractors

    Trust but verify

    A successful general contractor with a reputation for fairness in their dealings needed a specialist to perform some expert carpentry work for a few of their clients.

    The contractor gave the specialist the clients’ contact information and trusted them to arrange the work.

    Weeks later, the contractor checked in with the clients and received a ton of negative feedback:

    • The specialist called them once and never called back.
    • The specialist refused to do the work as described and wanted to charge extra.
    • The specialist performed work to “fix” the issue but cut corners to lessen their costs.

    As a result, the contractor took extreme measures to regain the clients’ confidence and trust and lost other opportunities in the process.

    Stock image of a sad construction site supervisor.

    You work hard for your reputation. Don’t let others ruin it.

    Don’t forget to look within as well as without

    Stock image of a frustrated desk worker.

    Story: Internal reputation is vital

    Trust works both ways

    An organization’s relatively new IT and InfoSec department leadership have been upgrading the organization's systems and policies as fast as resources allow when the organization encounters a major breach of security.

    Trust in the developing IT and InfoSec departments' leadership wanes throughout the organization as people search for the root cause and blame the systems. This degradation of trust limits the effectiveness of the newly implemented process, procedures, and tools of the departments.

    The new leaders' abilities are called into question, and they must now rigorously defend and justify their decisions and positions to the executives and board.

    It will be some time before the two departments gain their prior trust and respect, and the new leaders face some tough times ahead regaining the organization's confidence.

    How could the new leaders approach the situation to mend their reputations in the wake of this (perhaps unfair) reputational hit?

    It is not enough to identify the potential risks; there must also be adequate controls in place to monitor and manage them

    Stock image of a fingerprint on a computer chip under a blacklight.

    Identify, manage, and monitor reputational risks

    Global markets
    • Organizations need to learn how to assess the likelihood of potential risks in the changing global markets and recognize how their partnerships and subcontracts affect their brand.
    • Now more than ever, organizations need to be mindful of the larger global landscape and how their interactions within various regions can impact their reputation.
    Social media
    • Understanding how to monitor social media activity and online content will give you an edge in the current environment.
    • Changes in social media generally happen faster than companies can recognize them. If you are not actively monitoring those risks, the damage could set in before you even have a chance to respond.
    Global shortages
    • Organizations need to accept that shortages will recur periodically and that preparing for them will significantly increase the success potential of long-term plans.
    • Customers don’t always understand what is happening in the global supply chain and may blame you for poor service if you cannot meet demands as you have in the past.

    Which way is your reputation heading?

    • Do you understand and track items that might affect your reputation?
    • Do you understand the impact they may have on your business?

    Visualization of a Newton's Cradle perpetual motion device, aka clacky balls. The lifted ball is colored green with a smiley face and is labelled 'Your Brand Reputation'. The other four balls are red with a frowny face and are labelled 'Data Breach/ Lawsuit', 'Service Disruption', 'Customer Complaint', and 'Poor Delivery'.

    Identifying and understanding potential risks is essential to adapting to the ever-changing online landscape

    Info-Tech Insight

    Few organizations are good at identifying risks. As a result, almost none realistically plan to monitor, manage, and adapt their plans to mitigate those risks.

    Reputational risks

    Not protecting your brand can have disastrous consequences to your organization

    • Data breaches & lawsuits
    • Poor vendor performance
    • Service disruptions
    • Negative reviews

    Stock image of a smiling person on their phone rating something five stars.

    What to look for in vendors

    Identify potential reputational risk impacts
    • Check online reviews from both customers and employees.
    • Check news sites:
      • Has the vendor been affected by a breach?
      • Is the vendor frequently in the news – good or bad? Greater exposure can cause an uptick in hostile attacks, so make sure the vendor has adequate protections in line with its exposure.
    • Review its financials. Is it prime for an acquisition/bankruptcy or other significant change?
    • Review your contractual protections to ensure that you are made whole in the event something goes wrong. Has anything changed with the vendor that requires you to increase your protections?
    • Has anything changed in the vendor’s market? Is a competitor taking its business, or are its resources stretched on multiple projects due to increased demand?
    Illustration of business people in a city above various icons.

    Assessing Reputational Risk Impacts

    Zigzagging icons and numbers one through 7 alternating sides downward. Review Organizational Strategy
    Understand the organizational strategy to prepare for the “what if” game exercise.
    Identify & Understand Potential Risks
    Play the “what if” game with the right people at the table.
    Create a Risk Profile Packet for Leadership
    Pull all the information together in a presentation document.
    Validate the Risks
    Work with leadership to ensure that the proposed risks are in line with their thoughts.
    Plan to Manage the Risks
    Lower the overall risk potential by putting mitigations in place.
    Communicate the Plan
    It is important not only to have a plan but also to socialize it in the organization for awareness.
    Enact the Plan
    Once the plan is finalized and socialized put it in place with continued monitoring for success.
    (Adapted from Harvard Law School Forum on Corporate Governance)

    Insight Summary

    Reputational risk impacts are often unanticipated, causing catastrophic downstream effects. Continuously monitoring your vendors’ actions in the market can help organizations head off brand disasters before they occur.

    Insight 1

    Understanding how to monitor social media activity and online content will give you an edge in the current environment.

    Do you have dedicated individuals or teams to monitor your organization's online presence? Most organizations review and approve the online content, but many forget the need to have analysts reviewing what others are saying about them.

    Insight 2

    Organizations need to learn how to assess the likelihood of potential risks in the rapidly changing online environments and recognize how their partnerships and subcontractors’ actions can affect their brand.

    For example, do you understand how a simple news article raises your profile for short-term and long-term adverse events?

    Insight 3

    Socialize the risk management process throughout the organization to heighten awareness and enable employees to help protect the company’s reputation.

    Do you include a social media and brand protection policy in your annual education?

    Identify reputational risk

    Who should be included in the discussion?
    • While it is true that executive-level leadership defines the strategy for an organization, it is vital for those making decisions to make INFORMED decisions.
    • Getting input from your organization's marketing experts will enhance your brand's long-term protection.
    • Involving those who directly manage vendors and understand the market will aid in determining the forward path for relationships with your current vendors and identifying new emerging potential partners.
    • Organizations have a wealth of experience in their marketing departments that can help identify real-world negative scenarios.
    • Include vendor relationship managers to help track what is happening in the media for those vendors.
    Keep in mind: (R=L*I)
    Risk = Likelihood x Impact

    Impact tends to remain the same, while likelihood is a very flexible variable.

    Stock image of a flowchart asking 'Risk?', 'Yes', 'No'.

    Manage and monitor reputational risk impacts

    What can we realistically do about the risks?
    • Re-evaluate corporate policies frequently.
    • Ensure proper protections in contracts:
      • Limit the use of your brand name in the publicity and trademark clauses.
      • Make sure to include security protections for your data in the event of a breach; understand that reputation can rarely be made whole again once trust is breached.
    • Introduce continual risk assessment to monitor the relevant vendor markets.
    • Be adaptable and allow for innovations that arise from the current needs.
      • Capture lessons learned from prior incidents to improve over time and adjust your strategy based on the lessons.
    • Monitor your company’s and associated vendors’ online presence.
    • Track similar companies’ brand reputations to see how yours compares in the market.

    Social media is driving the need for perpetual diligence.

    Organizations need to monitor their brand reputation considering the pace of incidents in the modern age.

    Stock image of a person on a phone that is connected to other people.

    The “what if” game

    1-3 hours

    Input: List of identified potential risk scenarios scored by likelihood and financial impact, List of potential management of the scenarios to reduce the risk

    Output: Comprehensive reputational risk profile on the specific vendor solution

    Materials: Whiteboard/flip charts, Reputational Risk Impact Tool to help drive discussion

    Participants: Vendor Management Coordinator, Organizational Leadership, Operations Experts (SMEs), Legal/Compliance/Risk Manager, Marketing

    Vendor management professionals are in an excellent position to help senior leadership identify and pull together resources across the organization to determine potential risks. By playing the "what if" game and asking probing questions to draw out – or eliminate – possible negative outcomes, everyone involved adds their insight into parts of the organization to gather a comprehensive picture of potential impacts.

    1. Break into smaller groups (or if too small, continue as a single group).
    2. Use the Reputational Risk Impact Tool to prompt discussion on potential risks. Keep this discussion flowing organically to explore all potential risk but manage the overall process to keep the discussion on track.
    3. Collect the outputs and ask the subject matter experts for management options for each one in order to present a comprehensive risk strategy. You will use this to educate senior leadership so that they can make an informed decision to accept or reject the solution.

    Download the Reputational Risk Impact Tool

    Example: Low reputational risk

    We can see clearly in this example that the contractor suffered minimal impact from the specialist's behavior. Though they did take a hit to their overall reputation with a few customers, they should be able to course-correct with a minimal outlay of effort and almost no loss of revenue.

    Stock image of construction workers.

    Sample table of 'Sample Questions to Ask to Identify Reputational Impacts'. Column headers are 'Score', 'Weight', 'Question', and 'Comments or Notes'. At the bottom the 'Reputational Score' row has a low average score of '1.3' and '%100' total weight in their respective columns.

    Example: High reputational risk

    Note in the example how the tool can represent different weights for each of the criteria depending on your needs.

    Stock image of an older person looking out a window.

    Sample table of 'Sample Questions to Ask to Identify Reputational Impacts'. Column headers are 'Score', 'Weight', 'Question', and 'Comments or Notes'. At the bottom the 'Reputational Score' row has a high average score of '3.1' and '%100' total weight in their respective columns.

    Summary

    Be vigilant and adaptable to change
    • Organizations need to learn how to assess the likelihood of potential risks in the changing global markets and recognize how their partnerships and subcontracts affect their brand.
    • Understanding how to monitor social media activity and online content will give you an edge in the current environment.
    • Bring the right people to the table to outline potential risks to your organization’s brand reputation.
    • Socialize the risk management process throughout the organization to heighten awareness and enable employees to help protect the company’s reputation.
    • Incorporate lessons learned from incidents into your risk management process to build better plans for future issues.
    Stock image of a person's face overlaid with many different images.

    Organizations must evolve their risk assessments to be more adaptive to respond to global factors in the market.

    Ongoing monitoring of online media and the vendors tied to company visibility is imperative to avoiding disaster.

    Bibliography

    "The CEO Reputation Premium: Gaining Advantage in the Engagement Era." Weber Shandwick, March 2015. Accessed June 2022.

    Glidden, Donna. "Don't Underestimate the Need to Protect Your Brand in Publicity Clauses." Info-Tech Research Group, June 2022.

    Greenaway, Jordan. "Managing Reputation Risk: A start-to-finish guide." Transmission Private, July 2020. Accessed June 2022.

    Jagiello, Robert D., and Thomas T. Hills. “Bad News Has Wings: Dread Risk Mediates Social Amplification in Risk Communication.” Risk Analysis, vol. 38, no. 10, 2018, pp. 2193-2207.

    Kenton, Will. "Brand Recognition.” Investopedia, Aug. 2021. Accessed June 2022.

    Lischer, Brian. "How Much Does it Cost to Rebrand Your Company?" Ignyte, October 2017. Accessed June 2022.

    "Powerful Examples of How to Respond to Negative Reviews." ReviewTrackers, 16 Feb. 2022. Accessed June 2022.

    Tonello, Matteo. “Strategic Risk Management: A Primer for Directors.” Harvard Law School Forum on Corporate Governance, 23 Aug. 2012. Web.

    "Valuation of Trademarks: Everything You Need to Know." UpCounsel, 2022. Accessed June 2022.

    Related Info-Tech Research

    Sample of 'Assessing Financial Risk Management'. Identify and Manage Financial Risk Impacts on Your Organization
    • Identifying and managing a vendor’s potential financial impact requires multiple people in the organization across several functions – and those people all need educating on the potential risks.
    • Organizational leadership is often unaware of decisions on organizational risk appetite and tolerance, and they assume there are more protections in place against risk impact than there truly are.
    Sample of 'How to Assess Strategic Risk'. Identify and Manage Strategic Risk Impacts on Your Organization
    • Identifying and managing a vendor’s potential strategic impact requires multiple people in the organization across several functions – and those people all need coaching on the potential changes in the market and how these changes affect strategic plans.
    • Organizational leadership is often caught unaware during crises, and their plans lack the flexibility needed to adjust to significant market upheavals.
    Research coming soon. Jump Start Your Vendor Management Initiative
    • Vendor management is not “plug and play” – each organization’s vendor management initiative (VMI) needs to fit its culture, environment, and goals. The key is to adapt vendor management principles to fit your needs…not the other way around.
    • All vendors are not of equal importance to an organization. Classifying or segmenting your vendors allows you to focus your efforts on the most important vendors first, allowing your VMI to have the greatest impact possible.

    Research Contributors and Experts

    Frank Sewell

    Research Director
    Info-Tech Research Group

    Donna Glidden

    Research Director
    Info-Tech Research Group

    Steven Jeffery

    Principal Research Director
    Info-Tech Research Group

    Mark Roman

    Managing Partner
    Info-Tech Research Group

    Phil Bode

    Principal Research Director
    Info-Tech Research Group

    Sarah Pletcher

    Executive Advisor
    Info-Tech Research Group

    Scott Bickley

    Practice Lead
    Info-Tech Research Group

    Bring Visibility to Your Day-to-Day Projects

    • Buy Link or Shortcode: {j2store}444|cart{/j2store}
    • member rating overall impact (scale of 10): 9.8/10 Overall Impact
    • member rating average dollars saved: $9,649 Average $ Saved
    • member rating average days saved: 24 Average Days Saved
    • Parent Category Name: Portfolio Management
    • Parent Category Link: /portfolio-management
    • As an IT leader, you are responsible for getting new things done while keeping the old things running. These “new things” can come in many forms, e.g. service requests, incidents, and officially sanctioned PMO projects, as well as a category of “unofficial” projects that have been initiated through other channels.
    • These unofficial projects get called many things by different organizations (e.g. level 0 projects,BAU projects, non-PMO projects, day-to-day projects), but they all have the similar characteristics: they are smaller and less complex than larger projects or officially sanctioned projects; they are larger and more risky than operational tasks or incidents; and they are focused on the needs of a specific functional unit and tend to stay within those units to get done.
    • Because these day-to-day projects are small, emergent, team-specific, operationally vital, yet generally perceived as being strategically unimportant, top-level leadership has a limited understanding of them when they are approving and prioritizing major projects. As a result, they approve projects with no insight into how your team’s capacity is already stretched thin by existing demands.

    Our Advice

    Critical Insight

    • Senior leadership cannot contrast the priority of things that are undocumented. As an IT leader, you need to ensure day-to-day projects receive the appropriate amount of documentation without drowning your team in a process that the types of project don’t warrant.
    • Don’t bleed your project capacity dry by leaving the back door open. When executive oversight took over the strategic portfolio, we assumed they’d resource those projects as a priority. Instead, they focused on “alignment,” “strategic vision,” and “go to market” while failing to secure and defend the resource capacity needed. To focus on the big stuff, you need to sweat the small stuff.

    Impact and Result

    • Develop a method to consistently identify and triage day-to-day projects across functional teams in a standard and repeatable way.
    • Establish a way to balance and prioritize the operational necessity of day-to-day projects against the strategic value of major projects.
    • Build a repeatable process to document and report where the time goes across all given pockets of demand your team faces.

    Bring Visibility to Your Day-to-Day Projects Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should put more portfolio management structure around your day-to-day projects, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Uncover your organization’s hidden pockets of day-to-day projects

    Define an organizational standard for identifying day-to-day projects and triaging them in relation to other categories of projects.

    • Bring Visibility to Your Day-to-Day Projects – Phase 1: Uncover Your Organization’s Hidden Pockets of Day-to-Day Projects
    • Day-to-Day Project Definition Tool
    • Day-to-Day Project Supply/Demand Calculator

    2. Establish ongoing day-to-day project visibility

    Build a process for maintaining reliable day-to-day project supply and demand data.

    • Bring Visibility to Your Day-to-Day Projects – Phase 2: Establish Ongoing Day-to-Day Project Visibility
    • Day-to-Day Project Process Document
    • Day-to-Day Project Intake and Prioritization Tool
    [infographic]

    Workshop: Bring Visibility to Your Day-to-Day Projects

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Analyze the Current State of Day-to-Day Projects

    The Purpose

    Assess the current state of project portfolio management and establish a realistic target state for the management of day-to-day projects.

    Key Benefits Achieved

    Realistic and well-informed workshop goals.

    Activities

    1.1 Begin with introductions and workshop expectations activity.

    1.2 Perform PPM SWOT analysis.

    1.3 Assess pain points and analyze root causes.

    Outputs

    Realistic workshop goals and expectations

    PPM SWOT analysis

    Root cause analysis

    2 Establish Portfolio Baselines for Day-to-Day Projects

    The Purpose

    Establish a standard set of baselines for day-to-day projects that will help them to be identified and managed in the same way across different functional teams.

    Key Benefits Achieved

    Standardization of project definitions and project value assessments across different functional teams.

    Activities

    2.1 Formalize the definition of a day-to-day project and establish project levels.

    2.2 Develop a project value scorecard for day-to-day projects.

    2.3 Analyze the capacity footprint of day-to-day projects.

    Outputs

    Project identification matrix

    Project value scorecard

    A capacity overview to inform baselines

    3 Build a Target State Process for Day-to-Day Projects

    The Purpose

    Establish a target state process for tracking and monitoring day-to-day projects at the portfolio level.

    Key Benefits Achieved

    Standardization of how day-to-day projects are managed and reported on across different functional teams.

    Activities

    3.1 Map current state workflows for the intake and resource management practices (small and large projects).

    3.2 Perform a right-wrong-missing-confusing analysis.

    3.3 Draft a target state process for the initiation of day-to-day projects and for capacity planning.

    Outputs

    Current state workflows

    Right-wrong-missing-confusing analysis

    Target state workflows

    4 Prepare to Implement Your New Processes

    The Purpose

    Start to plan the implementation of your new processes for the portfolio management of day-to-day projects.

    Key Benefits Achieved

    An implementation plan, complete with communication plans, timelines, and goals.

    Activities

    4.1 Perform a change impact and stakeholder management analysis.

    4.2 Perform a start-stop-continue activity.

    4.3 Define an implementation roadmap.

    Outputs

    Change impact and stakeholder analyses

    Start-stop-continue retrospective

    Implementation roadmap

    Data and Analytics Trends 2023

    • Buy Link or Shortcode: {j2store}208|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Business Intelligence Strategy
    • Parent Category Link: /business-intelligence-strategy

    Data is a unique resource that keeps growing, presenting opportunities along the way. CIOs and IT leaders can use rapidly evolving technologies and capabilities to harness this data and its value for the organization.

    IT leaders must prepare their teams and operations with the right knowledge, capabilities, and strategies to make sure they remain competitive in 2023 and beyond. Nine trends that expand on the three common Vs of data – volume, velocity, and variety – can help guide the way.

    Focus on trends that align with your opportunities and challenges

    The path to becoming more competitive in a data-driven economy differs from one company to the next. IT leaders should use the data and analytics trends that align most with their organizational goals and can lead to positive business outcomes.

    1. Prioritize your investments: Conduct market analysis and prioritize the data and analytics investments that will be critical to your business.
    2. Build a robust strategy: Identify a clear path between your data vision and business outcomes to build a strategy that’s a good fit for your organization.
    3. Inspire practical innovation: Follow a pragmatic approach to implementing trends that range from data gravity and democratization to data monetization and augmented analytics.

    Data and Analytics Trends 2023 Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Data and Analytics Trends Report 2023 – A report that explores nine data use cases for emerging technologies that can improve on capabilities needed to compete in the data-driven economy.

    Data technologies are rapidly evolving. Understanding data's art of the possible is critical. However, to adapt to these upcoming data trends, a solid data management foundation is required. This report explores nine data trends based on the proven framework of data V's: Volume, Velocity, Variety, Veracity, Value, Virtue, Visualization, Virality, and Viscosity.

    • Data and Analytics Trends Report 2023
    [infographic]

    Further reading

    Data and Analytics Trends Report 2023

    SOONER OR LATER, YOU WILL BE IN THE DATA BUSINESS!

    Nine Data Trends for 2023

    In this report, we explore nine data use cases for emerging technologies that can improve on capabilities needed to compete in the data-driven economy. Use cases combine emerging data trends and modernization of existing capabilities.

    1. VOLUME
      • Data Gravity
    2. VELOCITY
    • Democratizing Real-Time Data
  • VARIETY
    • Augmented Data Management
  • VERACITY
    • Identity Authenticity
  • VALUE
    • Data Monetization
  • VIRTUE
    • Adaptive Data Governance
  • VISUALIZATION
    • AI-Driven Storytelling & Augmented Analytics
  • VIRALITY
    • Data Marketplace
  • VISCOSITY
    • DevOps – DataOps – XOps

    VOLUME

    Data Gravity

    Trend 01 Demand for storage and bandwidth continues to grow

    When organizations begin to prioritize data, they first consider the sheer volume of data, which will influence data system design. Your data systems must consider the existing and growing volume of data by assessing industry initiatives such as digital transformation, Industry 4.0, IoT, consumer digital footprint, etc.

    The largest data center in the world is a citadel in Reno, Nevada, that stretches over 7.2 million square feet!

    Source: Cloudwards, 2022

    IoT devices will generate 79.4 zettabytes of data
    by 2025.

    Source: IDC, 2019

    There were about 97
    zettabytes of data generated worldwide in 2022.

    Source: “Volume of Data,” Statista, 2022

    VOLUME

    Data Gravity

    Data attracts more data and an ecosystem of applications and services

    SharePoint, OneDrive, Google Drive, and Dropbox offer APIs and integration opportunities for developers to enhance their products.

    Social media platforms thought about this early by allowing for an ecosystem of filters, apps, games, and effects that engage their users with little to no additional effort from internal resources.

    The image contains four logos. SharePoint, OneDrive, Google Drive, and Dropbox.

    VOLUME

    Data Gravity

    Focus on data gravity and avoid cloud repatriation

    Data gravity is the tendency of data to attract applications, services, and other data. A growing number of cloud migration decisions will be made based on the data gravity concept. It will become increasingly important in data strategies, with failure potentially resulting in costly cloud repatriations.

    Emerging technologies and capabilities:

    Data Lakehouse, Data Mesh, Data Fabric, Hybrid Data, Cloud Data, Edge Computing

    47%

    Centralized cloud storage going down in 2 years

    22%
    25%

    Hybrid storage (centralized + edge) going up in 2 years

    47%

    Source: CIO, 2022

    VOLUME

    Data Gravity

    What worked for terabytes is ineffective for petabytes

    When compared to on-premises infrastructure, cloud computing is less expensive and easier to implement. However, poor data replication and data gravity can significantly increase cloud costs to the point of failure. Data gravity will help organizations make better cloud migration decisions.

    It is also critical to recognize changes in the industry landscape. The goal of data processing and analytics is to generate the right data for users to act on. In most cases, the user is a human being, but in the case of autonomous driving (AD), the car takes on the role of the user (DXC Technology).

    To avoid cloud repatriation, it will become prudent for all organizations to consider data gravity and the timing of cloud migration.

    The image contains a diagram on data gravity.

    VELOCITY

    Democratizing Real-Time Data

    Trend 02 Real-time analytics presents an important differentiator

    The velocity element of data can be assessed from two standpoints: the speed at which data is being generated and how fast the organization needs to respond to the incoming information through capture, analysis, and use. Traditionally data was processed in a batch format (all at once or in incremental nightly data loads). There is a growing demand to process data continuously using streaming data-processing techniques.

    Emerging technologies and capabilities:

    Edge Computing

    Google announced it has a quantum computer that is 100 million times faster than any classical computer in its lab.

    Source: Science Alert, 2015

    The number of qubits in quantum computers has been increasing dramatically, from 2 qubits in 1998 to 128 qubits in 2019.

    Source: Statista, 2019

    IBM released a 433-qubit quantum chip named Osprey in 2022 and expects to surpass 1,000 qubits with its next chip, Condor, in 2023.

    Source: Nature, 2023

    VELOCITY

    Democratizing Real-Time Data

    Make data accessible to everyone in real time

    • 90% of an organization’s data is replicated or redundant.
    • Build API and web services that allow for live access to data.
    • Most social media platforms, like Twitter and Facebook, have APIs that offer access to incredible amounts of data and insights.

    VELOCITY

    Democratizing Real-Time Data

    Trend in Data Velocity

    Data democratization means data is widely accessible to all stakeholders without bottlenecks or barriers. Success in data democratization comes with ubiquitous real-time analytics. Google highlights a need to address democratization in two different frames:

    1. Democratizing stream analytics for all businesses to ensure real-time data at the company level.
    2. Democratizing stream analytics for all personas and the ability of all users to generate real-time insights.

    Emerging technologies and capabilities:

    Data Lakehouse, Streaming API Ecosystem, Industry 4.0, Zero-Copy Cloning

    Nearly 70% of all new vehicles globally will be connected to the internet by 2023.

    Source: “Connected light-duty vehicles,” Statista, 2022

    VELOCITY

    Democratizing Real-Time Data

    Enable real-time processing with API

    In the past, data democratization has largely translated into a free data set and open data portals. This has allowed the government to freely share data with the public. Also, the data science community has embraced the availability of large data sets such as weather data, stock data, etc. In the future, more focus will be on the combination of IoT and steaming analytics, which will provide better responsiveness and agility.

    Many researchers, media companies, and organizations now have easy access to the Twitter/Facebook API platform to study various aspects of human behavior and sentiments. Large technology companies have already democratized their data using real-time APIs.

    Thousands of sources for open data are available at your local municipalities alone.

    6G will push Wi-Fi connectivity to 1 terabyte per second! This is expected to become commercially available by 2030.

    VARIETY

    Augmented Data Management

    Trend 03 Need to manage unstructured data

    The variety of data types is increasingly diverse. Structured data often comes from relational databases, while unstructured data comes from several sources such as photos, video, text documents, cell phones, etc. The variety of data is where technology can drive business value. However, unstructured data also poses a risk, especially for external data.

    The number of IoT devices could rise to 30.9 billion by 2025.

    Source: “IoT and Non-IoT Connections Worldwide,” Statista, 2022

    The global edge computing market is expected to reach $250.6 billion by 2024.

    Source: “Edge Computing,” Statista, 2022

    Genomics research is expected to generate between 2 and 40 exabytes of data within the next decade.

    Source: NIH, 2022

    VARIETY

    Augmented Data Management

    Employ AI to automate data management

    New tools will enhance many aspects of data management:

    • Data preparation, integration, cataloging, and quality
    • Metadata management
    • Master data management

    Enabling AI-assisted decision-making tools

    The image contains logos of the AI-assisted decision-making tools. Informatica, collibra, OCTOPAI.

    VARIETY

    Augmented Data Management

    Trend in Data Variety

    Augmented data management will enhance or automate data management capabilities by leveraging AI and related advanced techniques. It is quite possible to leverage existing data management tools and techniques, but most experts have recognized that more work and advanced patterns are needed to solve many complex data problems.

    Emerging technologies and capabilities:

    Data Factory, Data Mesh, Data Fabric, Artificial Intelligence, Machine Learning

    VARIETY

    Augmented Data Management

    Data Fabric vs. Data Mesh: The Data Journey continues at an accelerated pace

    Data Fabric

    Data Mesh

    Data fabric is an architecture that facilitates the end-to-end integration of various data pipelines and cloud environments using intelligent and automated systems. It’s a data integration pattern to unify disparate data systems, embed governance, strengthen security and privacy measures, and provide more data accessibility to workers and particularly to business users.

    The data mesh architecture is an approach that aligns data sources by business domains, or functions, with data owners. With data ownership decentralization, data owners can create data products for their respective domains, meaning data consumers, both data scientists and business users, can use a combination of these data products for data analytics and data science.

    More Unstructured Data

    95% of businesses cite the need to manage unstructured data as a problem for their business.

    VERACITY

    Identity Authenticity

    Trend 04 Veracity of data is a true test of your data capabilities

    Data veracity is defined as the accuracy or truthfulness of a data set. More and more data is created in semi-structured and unstructured formats and originates from largely uncontrolled sources (e.g. social media platforms, external sources). The reliability and quality of the data being integrated should be a top concern. The veracity of data is imperative when looking to use data for predictive purposes. For example, energy companies rely heavily on weather patterns to optimize their service outputs, but weather patterns have an element of unpredictability.

    Data quality affects overall labor productivity by as much as 20%, and 30% of operating expenses are due to insufficient data.

    Source: Pragmatic Works, 2017

    Bad data costs up to
    15% to 25% of revenue.

    Source: MIT Sloan Management Review, 2017

    VERACITY

    Identity Authenticity

    Veracity of data is a true test of your data capabilities

    • Stop creating your own identity architectures and instead integrate a tried-and-true platform.
    • Aim for a single source of truth for digital identity.
    • Establish data governance that can withstand scrutiny.
    • Imagine a day in the future where verified accounts on social media platforms are available.
    • Zero-trust architecture should be used.

    VERACITY

    Identity Authenticity

    Trend in Data Veracity

    Veracity is a concept deeply linked to identity. As the value of the data increases, a greater degree of veracity is required: We must provide more proof to open a bank account than to make friends on Facebook. As a result, there is more trust in bank data than in Facebook data. There is also a growing need to protect marginalized communities.

    Emerging technologies and capabilities:

    Zero Trust, Blockchain, Data Governance, IoT, Cybersecurity

    The image contains a screenshot of Info-Tech's blueprint slide on Zero Trust.

    VERACITY

    Identity Authenticity

    The identity discussion is no longer limited to people or organizations. The development of new technologies, such as the IoT phenomenon, will lead to an explosion of objects, from refrigerators to shipping containers, coming online as well. If all these entities start communicating with each other, standards will be needed to establish who or what they are.

    IDENTITY
    IS

    Age

    Gender

    Address

    Fingerprint

    Face

    Voice

    Irises

    IDENTITY
    KNOWS

    Password

    Passphrase

    PIN

    Sequence

    IDENTITY
    HAS

    Access badge

    Smartcard

    Security token

    Mobile phone

    ID document

    IDENTITY
    DOES

    Motor skills

    Handwriting

    Gestures

    Keystrokes

    Applications use

    The IoT market is expected to grow 18% to 14.4 billion in 2022 and 27 billion by 2025.

    Source: IoT Analytics, 2022

    VALUE

    Data Monetization

    Trend 05 Not Many organization know the true value of their data

    Data can be valuable if used effectively or dangerous if mishandled. The rise of the data economy has created significant opportunities but also has its challenges. It has become urgent to understand the value of data, which may vary for stakeholders based on their business model and strategy. Organizations first need to understand ownership of their data by establishing a data strategy, then they must improve data maturity by developing a deeper understanding of data value.

    94% of enterprises say data is essential to business growth.

    Source: Find stack, 2021

    VALUE

    Data Monetization

    Start developing your data business

    • Blockbuster ran its business well, but Netflix transformed the video rental industry overnight!
    • Big players with data are catching up fast.
    • You don’t have to be a giant to monetize data.
    • Data monetization is probably closer than you think.
    • You simply need to find it, catalog it, and deliver it.

    The image contains logos of companies related to data monetization as described in the text above. The companies are Amazon Prime, Netflix, Disney Plus, Blockbuster, and Apple TV.

    VALUE

    Data Monetization

    Trend in Data Value

    Data monetization is the transformation of data into financial value. However, this does not imply selling data alone. Monetary value is produced by using data to improve and upgrade existing and new products and services. Data monetization demands an organization-wide strategy for value development.

    Emerging technologies and capabilities:

    Data Strategy, Data Monetization Strategy, Data Products

    Netflix uses big data to save $1 billion per year on customer retention.

    Source: Logidots, 2021

    VALUE

    Data Monetization

    Data is a strategic asset

    Data is beyond currency, assets, or commodities and needs to be a category
    of its own.

    • Data always outlives people, processes, and technology. They all come and go while data remains.
    • Oil is a limited resource. Data is not. Unlike oil, data is likely to grow over time.
    • Data is likely to outlast all other current popular financial instruments, including currency, assets, or commodities.
    • Data is used internally and externally and can easily be replicated or combined.

    Data monetization is currently in the speculative territory, which is unacceptable. It should instead be guided by sound data management theory.

    VIRTUE

    Adaptive Data Governance

    Trend 06 Five Core Virtues: Resilience, Humility, Grit, Liberal Education, Empathy (Forbes, 2020)

    We have become more and more dependent on data, analytics, and organizational protection policies. Data virtue is about leveraging data securely and ethically. This topic has become more critical with the advent of GDPR, the right to be forgotten, and related regulations. Data governance, which seeks to establish an oversight framework that manages the creation, acquisition, integrity, security, compliance, and quality of data, is essential for any organization that makes decisions about data.

    Cultural obstacles are the greatest barrier to becoming data-driven, according to 91.9% of executives.

    Source: Harvard Business Review, 2022

    Fifty million Facebook profiles were harvested for Cambridge Analytica in a major data breach.

    Source: The Guardian, 2018

    VIRTUE

    Adaptive Data Governance

    Encourage noninvasive and automated data governance

    • Data governance affects the entire organization, not just data.
    • The old model for data governance was slow and clumsy.
    • Adaptive data governance encourages faster decision making and a more collaborative approach to governance.
    • Agile data governance allows for faster and more flexible decision making.
    • Automated data governance will simplify execution across the organization.
    • It is great for compliance, quality, impact tracking, and cross-referencing and offers independence to data users.

    VIRTUE

    Adaptive Data Governance

    Trend in Data Virtue

    Adaptive data governance encourages a flexible approach that allows an organization to employ multiple data governance strategies depending on changing business situations. The other aspect of adaptive data governance is moving away from manual (and often slow) data governance and toward aggressive automation.

    Emerging technologies and capabilities:

    AI-Powered Data Catalog and Metadata Management,
    Automated Data Policy Enforcement

    “To effectively meet the needs and velocity of digital organizations and modern practices, IT governance must be embedded and automated where possible to drive success and value.”

    Source: Valence Howden, Info-Tech Research Group

    “Research reveals that the combination of AI and big data technologies can automate almost 80% of all physical work, 70% of data processing, and 64% of data collection tasks.”

    Source: Forbes, 2021

    VIRTUE

    Data Governance Automation

    Simple and easy Data Governance

    Tools are not the ultimate answer to implementing data governance. You will still need to secure stakeholders' buy-in and engagement in the data process. Data governance automation should be about simplifying the execution of roles and responsibilities.

    “When you can see where your data governance strategy can be improved, it’s time to put in place automation that help to streamline processes.”

    Source: Nintex, 2021

    VISUALIZATION

    AI-Driven Storytelling & Augmented Analytics

    Trend 07 Automated and augmented data storytelling is not that far away

    Today, data storytelling is led by the user. It’s the manual practice of combining narrative with data to deliver insights in a compelling form to assist decision makers in engaging with data and analytics. A story backed by data is more easily consumed and understood than a dashboard, which can be overwhelming. However, manual data storytelling has some major shortcomings.

    Problem # 1: Telling stories on more than just the insights noticed by people

    Problem # 2: Poor data literacy and the limitations of manual self-service

    Problem # 3: Scaling data storytelling across the business

    VISUALIZATION

    AI-Driven Storytelling & Augmented Analytics

    Use AI to enhance data storytelling

    • Tableau, Power BI, and many other applications already use
      AI-driven analytics.
    • Power BI and SharePoint can use AI to generate visuals for any SharePoint list in a matter of seconds.

    VISUALIZATION

    AI-Driven Storytelling & Augmented Analytics

    Trend in Data Visualization

    AI and natural language processing will drive future visualization and data storytelling. These tools and techniques are improving rapidly and are now designed in a streamlined way to guide people in understanding what their data means and how to act on it instead of expecting them to do self-service analysis with dashboards and charts and know what to do next. Ultimately, being able to understand how to translate emotion, tropes, personal interpretation, and experience and how to tell what’s most relevant to each user is the next frontier for augmented and automated analytics

    Emerging technologies and capabilities:

    AI-Powered Data Catalog and Metadata Management,
    Automated Data Policy Enforcement

    VISUALIZATION

    Data Storytelling

    Augmented data storytelling is not that far away

    Emotions are a cornerstone of human intelligence and decision making. Mastering the art of storytelling is not easy.

    Industry experts predict the combination of data storytelling with augmented and automated techniques; these capabilities are more than capable of generating and automating parts of a data story’s creation for end users.

    The next challenge for AI is translating emotion, tropes, personal interpretation, and experience into what is most essential to end users.

    Source: Yellowfin, 2021

    VIRALITY

    Data Marketplace

    Trend 08 Missing data marketplace

    Data virality measures data spread and popularity. However, for data virality to occur, an ecosystem comparable to that of traditional or modern digital marketplaces is required. Organizations must reevaluate their data strategies to ensure investment in appropriate data domains by understanding data virality. Data virality is the exact opposite of dark data.

    Dark data is “all the information companies collect in their regular business processes, don’t use, have no plans to use, but will never throw out.”

    Source: Forbes, 2019

    VIRALITY

    Data Marketplace

    Make data easily accessible

    • Making data accessible to a broader audience is the key to successful virality.
    • Data marketplaces provide a location for you to make your data public.
    • Why do this? Contributing to public data marketplaces builds credibility, just like contributing to public GitHub projects.
    • Big players like Microsoft, Amazon, and Snowflake already do this!
    • Snowflake introduced zero-copy cloning, which allows users to interact with source data without compromising the integrity of the original source.

    The image contains the logos of Microsoft, Amazon, and Snowflake.

    VIRALITY

    Data Marketplace

    Trend in Data Virality

    The data marketplace can be defined as a dynamic marketplace where users decide what has the most value. Companies can gauge which data is most popular based on usage and decide where to invest. Users can shop for data products within the marketplace and then join these products with other ones they’ve created to launch truly powerful data-driven projects.

    Emerging technologies and capabilities:

    AI-Powered Data Catalog and Metadata Management,
    Automated Data Policy Enforcement

    The image contains a screenshot of Info-Tech's Data-as-a-Service (DaaS) Framework.

    “Data is like garbage. You’d better know what you are going to do with it before you collect it.”

    – Mark Twain

    VIRALITY

    Data Marketplace

    Journey from siloed data platforms to dynamic data marketplaces

    Data remains a complex topic due to many missing foundational components and infrastructure. Interoperability, security, quality, discoverability, speed, and ease are some of those missing foundational components that most organizations face daily.

    Data lacks an ecosystem that is comparable to those of traditional assets or commodities. Data must be available in open or closed data marketplaces to measure its value. These data marketplaces are still in their infancy.

    “Data markets are an important component of the data economy that could unleash the full potential of data generated by the digital economy and human activity in general.”

    Source: ITU Journal, 2018

    VISCOSITY

    DevOps – DataOps – XOps

    Trend 09 Increase efficiency by removing bottlenecks

    Compared to water, a fluid with a high viscosity flows more slowly, like honey. Data viscosity measures the resistance to flow in a volume of data. The data resistance may come from other Vs (variety, velocity, etc.).

    VISCOSITY

    DevOps – DataOps – XOps

    Increase efficiency by removing bottlenecks

    Consider XOps for a second. It makes no difference what X is. What's important is matching operational requirements to enterprise capabilities.

    • For example, Operations must meet the demands of Sales – hence SalesOps
      or S&Op.
    • Development resources must meet the demands of Operations – hence DevOps.
    • Finally, Data must also meet the demand of Operations.

    These Operations guys are demanding!!

    VISCOSITY

    DevOps – DataOps – XOps

    Trend in Data Viscosity

    The merger of development (Dev) and IT Operations (Ops) started in software development with the concept of DevOps. Since then, new Ops terms have formed rapidly (AIOps, MLOps, ModelOps, PlatformOps, SalesOps, SecOps, etc.). All these methodologies come from Lean manufacturing principles, which seek to identify waste by focusing on eliminating errors, cycle time, collaboration, and measurement. Buzzwords are distractions, and the focus must be on the underlying goals and principles. XOps goals should include the elimination of errors and improving efficiencies.

    Emerging technologies and capabilities:

    Collaborative Data Management, Automation Tools

    VISCOSITY

    DataOps → Data Observability

    Data observability, a subcomponent of DataOps, is a set of technical practices, cultural norms, and architecture that enables low error rates. Data observability focuses on error rates instead of only measuring data quality at a single point in time.

    Data Quality Dimensions

    • Uniqueness
    • Timeliness
    • Validity
    • Accuracy
    • Consistency

    ERROR RATES

    Lateness: Missing Your SLA

    System Processing Issues

    Code Change That Broke Something

    Data Quality

    What’s next? Go beyond the buzzwords.

    Avoid following trends solely for the sake of following them. It is critical to comprehend the concept and apply it to your industry. Every industry has its own set of problems and opportunities.

    Highlight the data trends (or lack thereof) that have been most beneficial to you in your organizations. Follow Info-Tech’s approach to building a data practice and platform to develop your data capabilities through the establishment of data goals.

    The image contains a screenshot of Info-Tech's Build Your Data Pracrice and Platform.

    Research Authors

    Rajesh Parab Chris Dyck

    Rajesh Parab

    Director, Research & Advisory

    Data and Analytics

    Chris Dyck

    Research Lead

    Data and Analytics

    “Data technologies are rapidly evolving. Understanding what’s possible is critical. Adapting to these upcoming data trends requires a solid data management foundation.”

    – Rajesh Parab

    Contributing Experts

    Carlos Thomas John Walsh

    Carlos Thomas

    Executive Counselor

    Info-Tech Research Group

    John Walsh

    Executive Counselor

    Info-Tech Research Group

    Bibliography

    Bean, Randy. “Why Becoming a Data-Driven Organization Is So Hard.” Harvard Business Review, 24 Feb. 2022. Accessed Oct. 2022.
    Brown, Annie. “Utilizing AI And Big Data To Reduce Costs And Increase Profits In Departments Across An Organization.” Forbes, 13 April 2021.
    Accessed Oct. 2022.
    Burciaga, Aaron. “Five Core Virtues For Data Science And Artificial Intelligence.” Forbes, 27 Feb. 2020. Accessed Aug. 2022.
    Cadwalladr, Carole, and Emma Graham-Harrison. “Revealed: 50 million Facebook profiles harvested for Cambridge Analytica in major data breach.”
    The Guardian, 17 March 2018. Accessed Aug. 2022.
    Carlier, Mathilde. “Connected light-duty vehicles as a share of total vehicles in 2023.” Statista, 31 Mar. 2021. Accessed Oct. 2022.
    Carter, Rebekah. “The Ultimate List of Big Data Statistics for 2022.” Findstack, 22 May 2021. Accessed Oct. 2022.
    Castelvecchi, Davide. “Underdog technologies gain ground in quantum-computing race.” Nature, 6 Nov. 2023. Accessed Feb. 2023.
    Clark-Jones, Anthony, et al. “Digital Identity:” UBS, 2016. Accessed Aug 2022.
    “The Cost of Bad Data Infographic.” Pragmatic Works, 25 May 2017. Accessed Oct. 2022.
    Demchenko, Yuri, et al. “Data as Economic Goods: Definitions, Properties, Challenges, Enabling Technologies for Future Data Markets.“ ITU Journal: ICT Discoveries, Special Issue, no. 2, vol. 23, Nov. 2018. Accessed Aug 2022.
    Feldman, Sarah. ”20 Years of Quantum Computing Growth.” Statista, 6 May 2019. Accessed Oct. 2022.
    “Genomic Data Science.” NIH, National Human Genome Research Institute, 5 April 2022. Accessed Oct. 2022.

    Bibliography

    Hasbe, Sudhir, and Ryan Lippert. “The democratization of data and insights: making real-time analytics ubiquitous.” Google Cloud, 15 Jan. 2021.
    Accessed Aug. 2022.
    Helmenstine, Anne. “Viscosity Definition and Examples.” Science Notes, 3 Aug. 2021. Accessed Aug. 2022.
    “How data storytelling and augmented analytics are shaping the future of BI together.” Yellowfin, 19 Aug. 2021. Accessed Aug. 2022.
    “How Netflix Saves $1B Annually using AI?” Logidots, 24 Sept. 2021. Accessed Oct. 2022
    Hui, Kenneth. “The AWS Love/Hate Relationship with Data Gravity.” Cloud Architect Musings, 30 Jan. 2017. Accessed Aug 2022.
    ICD. “The Growth in Connected IoT Devices Is Expected to Generate 79.4ZB of Data in 2025, According to a New IDC Forecast.” Business Wire, 18 June 2019. Accessed Oct 2022.
    Internet of Things (IoT) and non-IoT active device connections worldwide from 2010 to 2025” Statista, 27 Nov. 2022. Accessed Nov. 2022.
    Koch, Gunter. “The critical role of data management for autonomous driving development.” DXC Technology, 2021. Accessed Aug. 2022.
    Morris, John. “The Pull of Data Gravity.” CIO, 23 Feb. 2022. Accessed Aug. 2022.
    Nield, David. “Google's Quantum Computer Is 100 Million Times Faster Than Your Laptop.” ScienceAlert, 9 Dec. 2015. Accessed Oct. 2022.
    Redman, Thomas C. “Seizing Opportunity in Data Quality.” MIT Sloan Management Review, 27 Nov. 2017. Accessed Oct. 2022.
    Segovia Domingo, Ana I., and Álvaro Martín Enríquez. “Digital Identity: the current state of affairs.” BBVA Research, 2018. Accessed Aug. 2022.

    Bibliography

    “State of IoT 2022: Number of connected IoT devices growing 18% to 14.4 billion globally.” IOT Analytics, 18 May 2022. Accessed. 14 Nov. 2022.
    Strod, Eran. “Data Observability and Monitoring with DataOps.” DataKitchen, 10 May 2021. Accessed Aug. 2022.
    Sujay Vailshery, Lionel. “Edge computing market value worldwide 2019-2025.” Statista, 25 Feb. 2022. Accessed Oct 2022.
    Sujay Vailshery, Lionel. “IoT and non-IoT connections worldwide 2010-2025.” Statista, 6 Sept. 2022. Accessed Oct. 2022.
    Sumina, Vladimir. “26 Cloud Computing Statistics, Facts & Trends for 2022.” Cloudwards, 7 June 2022. Accessed Oct. 2022.
    Taulli, Tom. “What You Need To Know About Dark Data.” Forbes, 27 Oct. 2019. Accessed Oct. 2022.
    Taylor, Linnet. “What is data justice? The case for connecting digital rights and freedoms globally.“ Big Data & Society, July-Dec 2017. Accessed Aug 2022.
    “Twitter: Data Collection With API Research Paper.” IvyPanda, 28 April 2022. Accessed Aug. 2022.
    “Using governance automation to reduce data risk.” Nintex, 15 Nov. 2021. Accessed Oct. 2022
    “Volume of data/information created, captured, copied, and consumed worldwide from 2010 to 2020, with forecasts from 2021 to 2025.” Statista, 8 Sept. 2022. Accessed Oct 2022.
    Wang, R. “Monday's Musings: Beyond The Three V's of Big Data – Viscosity and Virality.” Forbes, 27 Feb. 2012. Accessed Aug 2022.
    “What is a data fabric?” IBM, n.d. Accessed Aug 2022.
    Yego, Kip. “Augmented data management: Data fabric versus data mesh.” IBM, 27 April 2022. Accessed Aug 2022.

    Manage an IT Budget

    • Buy Link or Shortcode: {j2store}70|cart{/j2store}
    • member rating overall impact (scale of 10): 8.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: Cost & Budget Management
    • Parent Category Link: /cost-and-budget-management
    • IT is viewed as a cost center without a clear understanding of the value it provides.
    • After completing the budget, the CIO is faced with changing expectations, disruptions, new risks, and new threats.
    • IT departments often lack a reliable budget management process to keep itself on track towards its budget goals.
    • Over budgeting risks credibility if projects are not all delivered, while under budgeting risks not being able to execute important projects.

    Our Advice

    Critical Insight

    • Managing your budget is not just about numbers; it’s also about people and processes. Better relationships and a proper process leads to better management of your budget. Understand how your relationships and current processes might be leveraged to manage your budget.
    • No one likes to be over budget, but being under budget isn’t necessarily good either. Coming in under budget may mean that you are not accomplishing the initiatives that you promised you would, reflecting poor job performance.

    Impact and Result

    • Implement a formal budget management process that documents your planned budget and actual expenditures, tracks variances, and responds to those variances to stay on track towards budget goals.
    • Manage the expectations of business stakeholders by communicating the links between IT spend and business value in a way that is easily understood by the business.
    • Control for under- or overspending by using Info Tech’s budget management tool and tactics.

    Manage an IT Budget Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to understand the increasing expectations for IT departments to better manage their budgets, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Document

    Create a streamlined documentation process that also considers the elements of people and technology.

    • Manage an IT Budget – Phase 1: Document
    • Manage Your IT Budget Tool

    2. Track

    Track your planned budget against actual expenditures to catch areas of over- and underspending in a timely manner.

    • Manage an IT Budget – Phase 2: Track

    3. Control

    Leverage control mechanisms to manage variances in your budget.

    • Manage an IT Budget – Phase 3: Control
    [infographic]

    Workshop: Manage an IT Budget

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Document Budget

    The Purpose

    The first step of managing your IT budget is to make sure there is a properly documented budget that everyone agrees upon.

    Key Benefits Achieved

    A properly documented budget facilitates management and communication of the budget.

    Activities

    1.1 Review budget for the year.

    1.2 Document each budget in the tool.

    1.3 Review CAPEX vs. OPEX.

    1.4 Customize accounts to match your organization.

    Outputs

    Budget broken out into monthly increments and by each account.

    Budget documented in tool.

    Tool customized to reflect organization's specific accounts and terminology.

    2 Optimize Documentation Process

    The Purpose

    A proper documentation process forms the backbone for effective budget management.

    Key Benefits Achieved

    A streamlined documentation process with accurate inputs that also considers the elements of people and technology.

    Activities

    2.1 Draw out process flow of current documentation.

    2.2 Identify bottlenecks.

    2.3 Discuss and develop roadmap to solving bottlenecks.

    Outputs

    Process flow of current documentation process with identified bottlenecks.

    Plan to mitigate bottlenecks.

    3 Track and Control for Over- and Underspending

    The Purpose

    Track your planned budget against actual expenditures to catch areas of over- and underspending in a timely manner. Then, leverage control mechanisms to manage variances in your budget.

    Key Benefits Achieved

    Tracking and controlling for variances will help the IT department stay on track towards its budget goals. It will also help with communicating IT’s value to the business.

    Activities

    3.1 Walk through the “Overview Bar.”

    3.2 Document actual expenses incurred in fiscal to date.

    3.3 Review the risk of over- and underspending.

    3.4 Use the reforecast column to control for over- and underspend.

    Outputs

    Assess the “Overview Bar.”

    Document actual expenditures and committed expenses up to the current date.

    Develop a strategy and roadmap for how you will mitigate any current under- or overspends.

    Reforecast expenditures for each account for each month for the remainder of the fiscal year.

    Build a More Effective Go-to-Market Strategy

    • Buy Link or Shortcode: {j2store}559|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Marketing Solutions
    • Parent Category Link: /marketing-solutions
    • A weak or poorly defined Go-to-Market strategy is often the root cause of slow product revenue growth or missed product revenue targets.
    • Many agile-driven product teams rush to release, skipping key GTM steps leaving Sales and Marketing misaligned and not ready to fully monetize precious product investments.
    • Guessing at buyer persona and journey or competitive SWOT analyses – two key deliverables of an effective GTM strategy – cause poor marketing and sales outcomes.
    • Without the sales and product-aligned business case for launch called for in a successful GTM strategy, companies see low buyer adoption, wasted sales and marketing investments, and a failure to claim product and launch campaign success.

    Our Advice

    Critical Insight

    • Having an updated and compelling Go-to-Market strategy is a critical capability – as important as financial strategy, sales operations, and even corporate business development, given its huge impact on the many drivers of sustainable growth.
    • Establishing alignment through the GTM process builds long-term operational strength.
    • With a sound GTM strategy, marketers give themselves a 50% greater chance of product launch success.

    Impact and Result

    • Align stakeholders on a common vision and execution plan prior to the Build and Launch phases.
    • Build a foundation of buyer and competitive understanding to drive a successful product hypothesis, then validate with buyers.
    • Deliver a team-aligned launch plan that enables launch readiness and outlines commercial success.

    Build a More Effective Go-to-Market Strategy Research & Tools

    Build Your Go-to-Market Strategy

    Use this storyboard and its deliverables to build a baseline market, understand your buyer, and gain competitive insights. It will also help you design your initial product and business case, and align stakeholder plans to prep for build.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    • Build a More Effective Go-to-Market Strategy – Executive Brief

      Almost there!

      Please enter your email and a few details and you're on your way to an efficient process.

      Download ×
    • Build a More Effective Go-to-Market Strategy – Phases 1-3
    • Go-to-Market Strategy Presentation Template
    • Go-to-Market Strategy RACI and Launch Checklist Workbook
    • Product Market Opportunity Sizing Workbook
    • Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

    Infographic

    Workshop: Build a More Effective Go-to-Market Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Align on GTM Vision & Plan, Craft Initial Strategy

    The Purpose

    Align on GTM vision and plan; craft initial strategy.

    Key Benefits Achieved

    Confidence that market opportunity is sufficient.

    Deeper buyer understanding to drive product design and messaging and launch campaign asset design.

    Steering committee approval for next phase.

    Activities

    1.1 Outline a vision for GTM, roles required, identify Steering Committee lead, workstream leads, and teams.

    1.2 Capture GTM strategy hypothesis by working through initial draft of the Go-to-Market Strategy Presentation and business case.

    1.3 Capture team knowledge on buyer persona and journey and competitive SWOT.

    1.4 Identify info./data gaps, sources, and plan for capturing/gathering including buyer interviews.

    Outputs

    Documented Steering Committee and Working team.

    Aligned on GTM vision and process.

    Documented buyer persona and journey. Competitive SWOT analysis.

    Document team knowledge on initial GTM strategy, buyer personas, and business case.

    2 Identify Initial Business Case, Sales Forecast, and Launch Plan

    The Purpose

    Identify Initial Business Case, Sales Forecast, and Launch Plan.

    Key Benefits Achieved

    Confidence in size of market opportunity.

    Alignment of Sales and Product on product forecast.

    Assessment of marketing tech stack.

    Initial business case.

    Activities

    2.1 Size Product Market Opportunity and initial revenue forecast.

    2.2 Craft initial product hypothesis from buyer interviews including feature priorities, pricing, packaging, competitive differentiation, channel/route to market.

    2.3 Craft initial launch campaign, product release and sales and CX readiness plans.

    2.4 Identify launch budgets across each investment area.

    2.5 Discuss initial product launch business case and key activities.

    Outputs

    Product Serviceable Obtainable Market (SOM), Serviceable Available Market (SAM) and Total Available Market (TAM).

    Definition of product-market fit, uniqueness, and competitive differentiation.

    Preliminary campaign, targets, and readiness plans.

    Incremental budgets for each key stakeholder area.

    Preliminary product launch business case.

    3 Develop Launch Plans (I of II)

    The Purpose

    Develop final Launch plans and budgets in product and marketing.

    Key Benefits Achieved

    Align Product release/launch plans with the marketing campaign for launch.

    Understand incremental budgets from product and marketing for launch.

    Activities

    3.1 Apply product interviews to scope, MVP, roadmap, competitive differentiation, pricing, feature prioritization, routes to market, and sales forecast.

    3.2 Develop a more detailed launch campaign plan complete with asset-types, messaging, digital plan to support buyer journey, media buy plan and campaign metrics.

    Outputs

    Minimally Viable Product defined with feature prioritization. Product competitive differentiation documented Routes to market identified Sales forecast aligned with product team expectations.

    Marketing campaign launch plan Content marketing asset-creation/acquisition plan Campaign targets and metrics.

    4 Develop Launch Plans (II of II)

    The Purpose

    Develop final Launch Plans and budgets for remaining areas.

    Key Benefits Achieved

    Align Product release/launch plans with the marketing campaign for launch.

    Understand incremental budgets from Product and Marketing for launch.

    Activities

    4.1 Develop detailed launch/readiness plans with final budgets for: Sales enablement , Sales training, Tech stack, Customer onboarding & success, Product marketing, AR, PR, Corp Comms/Internal Comms, Customer Events, Employee Events, etc.

    Outputs

    Detailed launch plans, budgets for Product Marketing, Sales, Customer Success, and AR/PR/Corp. Comms.

    5 Present Final Business Case

    The Purpose

    To gain approval to move to Build and Launch phases.

    Key Benefits Achieved

    Align business case with Steering Committee expectations

    Approvals to Build and Launch targeted offering

    Activities

    5.1 Review final launch/readiness plans with final budgets for all key areas.

    5.2 Move all key findings into Steering Committee presentation slides.

    5.3 Present to Steering Committee; receive feedback.

    5.4 Incorporate Steering Committee feedback; update finial business case.

    Outputs

    Combined budgets across all areas. Final launch/readiness plans.

    Final Steering Committee-facing slides.

    Final approvals for Build and Launch.

    Further reading

    Build a More Effective Go-to-Market Strategy

    Maximize GTM success through deeper market and buyer understanding and competitive differentiation and launch team readiness that delivers target revenues.

    Table of Contents

    Section Title
    1 Executive Brief
    • Executive Summary
    • Analyst Perspective
    • Go-to-Market (GTM) strategy critical success factors
    • Key GTM challenges
    • Essential deliverables for GTM success
    • Benefits of a more effective GTM Strategy
    • Our methodology to support your success
    • Insight Summary
    • Blueprint deliverables and guided implementation steps
    2 Build baseline market, buyer, and competitive insights
    • Establish your team
    • Build buyer personas and journeys – develop initial messaging
    • Build initial product hypothesis
    • Size product market opportunity
    • Outline your key tech, app, and digital requirements
    • Develop your competitive differentiation
    • Select routes to market
    3 Design initial product and business case
    • Branding check
    • Formulate packaging and pricing
    • Craft buyer-valid product concept
    • Build campaign plan and targets
    • Develop budgets for creative, content, and media purchases
    • Draft product business case
    • Update GTM Strategy deck
    4 Align stakeholder plans to prep for build
    • Assess tech/tools support for all GTM phases
    • Outline sales enablement and customer success plan
    • Build awareness plan
    • Finalize business case
    • Final GTM plan deck

    Executive Brief

    Analyst Perspective

    Go-to-Market Strategy.

    A successful go-to-market (GTM) strategy aligns marketing, product, sales and customer success, sees decision making based on deep buyer understanding, and tests many basic assumptions often overlooked in today’s agile-driven product development/management environment.

    The disciplines you build using our methodology will not only support your team’s effort building and launching more successful products, but also can be modified for use in other strategic initiatives such as branding, M&A integration, expanding into new markets, and other initiatives that require a cross-functional and multidisciplined process.

    Photo of Jeff Golterman, Managing Director, SoftwareReviews Advisory.

    Jeff Golterman
    Managing Director
    SoftwareReviews Advisory

    Executive Summary

    An ineffective go-to-market strategy is often a root cause of:
    • Failure to attain new product revenue targets.
    • A loss of customer focus and poor new product/feature release buyer adoption.
    • Product releases misaligned with marketing, sales, and customer success readiness.
    • Low win rates compared to key competitors’.
    • Low contact-to-lead conversion rates.
    • Loss of executive/investor support for further new product development and marketing investments.
    Hurdles to go-to-market success include:
    • An unclear product-market opportunity.
    • A lack of well defined and prioritized buyer personas and needs that are well understood.
    • Poor competitive analysis that fails to pinpoint key areas of competitive differentiation.
    • Guessing at buyer journey and buyer-described ideal engagement within your lead gen engine.
    • A business case that calls for levels of customer value delivery (vs. feature MVPs) that can actually deliver wins and targeted revenue goals.
    Apply SoftwareReviews approach for greater GTM success.

    Our blueprint is designed to help you:

    • Align stakeholders on a common vision and execution plan prior to the build and launch phases.
    • Build a foundation of buyer and competitive understanding to drive a successful product hypothesis, then validate with buyers.
    • Deliver a team-aligned launch plan that enables launch readiness and outlines commercial success.

    SoftwareReviews Insight

    Creating a compelling go-to-market strategy, and keeping it current, is a critical software company function – as important as financial strategy, sales operations, and even corporate business development – given its huge impact on the many drivers of sustainable growth.

    Go-to-Market Strategy Critical Success Factors

    Your GTM Strategy is where a multi-disciplined team builds a strong foundation for overall product plan, build, launch, and manage success

    A GTM Strategy is not all art and not all science but requires both. Software leaders will establish a set of core capabilities upon which they will plan, build, launch and manage product success. Executives, when resourcing their GTM strategies, will begin with:
    • Strong Program Leadership – An experienced Program Manager will guide the team through each step of GTM Strategy and test team readiness before advancing to the next step.
    • Few Shortcuts – Successful teams will have navigated the process through all steps together at least once. Then future launches can skip steps where prior decisions still hold.
    • Stakeholder Buy-In – Strong collaboration among Sales, Marketing, and Product wins the day.
    • Strong Team Skills – Success depends on having the right talent, making the right decisions, and delivering the right outcomes enabled with the right set of technologies and integrated to reach the right buyers at the right moment.
    • Discipline and perseverance – Given that GTM Strategy is not easy, it’s not surprising that 75% of marketers cite a significant level of dissatisfaction with the outcomes of their GTM plan, build, and launch phases.
    Diagram titled 'Go-to-Market Phases' with phases 'Manage', 'Launch', 'Build', and highlighted as 'This blueprint focus': 'Plan'.

    SoftwareReviews Advisory Insight:
    Marketers who get GTM Strategy “right” give themselves a 50% greater chance of Build and Launch success.

    Sample of the 'PLAN' section of the GTM Strategy optimization diagram shown later.

    Go-to-Market Success is Challenging

    Getting GTM right is like winning an Olympic first-place crew finish. It takes teamwork, practice, and well-functioning tools and equipment.

    Stock image of a rowing team.

    • The goal of any Go-to-Marketing Strategy is not only to do it right once, but to do it over and over consistently.
    • A lack of GTM consistency often results in decelerating growth, and a weak GTM Strategy is likely the root cause when companies observe any of the following challenges:
      • Product opportunity is unclear and well-defined business cases are lacking
      • Buyer adoption slows of new features and launch revenue targets are missed
      • Sales and marketing are not ready when development releases new features
      • Sales win/loss ratios drop as customers tell us products are not competitively differentiated
      • Loss of executive support for new product investments
    • A company experiencing any one of these symptoms will find a remedy in plugging gaps in the way they Go-to-Market.

    “Figuring out a Go-to-Market approach is no trivial exercise – it separates the companies that will be successful and sustainable from those that won’t.” (Harvard Business Review)

    Slowing growth may be due to missing GTM Strategy essentials

    Marketers – Large and Small – will further test their GTM Strategy strength by asking “Are we missing any of the following?”

    • Product, Marketing, and Sales Alignment
    • Buyer personas and journeys
    • Product market opportunity size
    • Competitively differentiated product hypothesis
    • Buyer validated commercial concept
    • Sales revenue plan and program cost budget
    • Compelling business case for build and launch

    SoftwareReviews Advisory Insight:

    Marketers will go through the GTM Strategy process together across all disciplines at least once in order to establish a consistent process, make key foundational decisions (e.g. tech stack, channel strategy, pricing structure, etc.), and assess strengths and weaknesses to be addressed. Future releases to existing products don’t need to be re-thought but instead check-listed against prior foundational decisions.

    Is Your GTM Strategy Led and Staffed Properly?

    Staffing tree outlining GTM Strategy essentials. At the top are 'Steering Committee: CEO/GM in larger company, CFO/Senior Finance, Key functional leaders'. Next is 'Program Manager: Leads the GTM program. Workstream leads are “dotted line” for the program.' Followed by 'Workstream Leads: (PM) Product Marketing – Program leadership, (PD) Product Mgt. – Aligned with PM, (MO) Marketing Ops – SMB optional, (BR) Branding/Creative – SMB optional, (CI) Competitive Intel. – SMB optional, (DG) Demand Gen./Field Marketing. – crucial, (SE) Sales Enablement – crucial, (PR) PR/AR/Comms – SMB optional, and (CS) Customer Success – SMB optional'. In a 'Large Enterprise' each role is assigned to a separate person, but in a 'Small' Enterprise each person has multiple roles. 'SMB – as employees wear many hats, teams comprise members with requisite skills vs. specific roles/titles.'

    Benefits of a more effective go-to-market strategy

    Our research shows a more effective GTM Strategy delivers key benefits, including:
    • Increased product development ROI – with a finance-aligned business case, a buyer-validated value proposition, and the readiness of marketing and sales to product launch.
    • Launch campaign effectiveness – increases dramatically when messaging resonates with buyers and where they are in their journey.
    • Seller effectiveness – increases with buyer validated value proposition, competitive differentiation, and the ability to articulate to buyers.
    • Executive support – is achieved when an aligned sales, marketing, and product team proves consistent in delivering against release targets over and over again.

    SoftwareReviews Advisory Insight:
    Many marketers experiencing the value of the GTM Steering Committee, extend its use into a “Product and Pricing Council” (PPC) in order to move product-related decision making from ad-hoc to structured, and to reinforce GTM Strategy guardrails and best practices across the company.

    “Go-to-Market Strategies aren’t just for new products or services, they can also be used for:
    • Acquiring other businesses
    • Changing your business’s focus
    • Announcing a new feature
    • Entering a new market
    • Rebranding
    • Positioning or repositioning

    And while each GTM strategy is unique, there are a series of steps that every product marketer should follow.” (Product Marketing Alliance)

    Is your GTM Strategy optimized?

    Large detailed layout of the steps needed to 'Make Your Go-to-Market Strategy More Successful'. 'GTM Planning Success Can Be Elusive'; '75% of high-tech marketers desire a more effective GTM strategy...'. Steps: '1 Your Challenges - Are You Feeling Any of These Pains?', '2 Framework - Stay Aligned', '3 Planning - Check Your GTM Plan Steps', '4 Insight - Deliver Key Output', and '5 Results - Reap Key Benefits'. Source: SoftwareReviews, powered by Info-Tech Research Group.

    Marketers, in order to optimize a go-to-market strategy, will:

    1. Self assess for symptoms of a sub-optimized approach.
    2. Align marketing, sales, product, and customer success with a common vision and execution plan.
    3. Diagnose for missing steps.
    4. Ensure creation of key deliverables.
    5. And then be able to reap the rewards.

    Who benefits from an optimized go-to-market strategy?

    This research is designed for:
    • High-tech marketers who are:
      • Looking to improve any aspect of their go-to-market strategy.
      • Looking for a checklist of roles and responsibilities across the product planning, build, and launch processes.
      • Looking to foster better alignment among key stakeholders such as product marketing, product management, sales, field marketing/campaigners, and customer success.
      • Looking to build a stronger business case for new product development and launch.
    This research will help you:
    • Explain the benefits of a more effective go-to-market strategy to stakeholders.
    • Size the market opportunity for a product/solution.
    • Organize stakeholders for GTM operational success.
    • More easily present the GTM strategy to executives and colleagues.
    • Build and present a solid business case for product build and launch.
    This research will also assist:
    • High-tech marketing and product leaders who are:
      • Looking for a framework of best practices to improve and scale their GTM planning.
      • Looking to align team members from all the key teams that support high-tech product planning, build, launch, and manage.
    This research will help them:
    • Align stakeholders on an overall GTM strategy.
    • Coordinate tasks and activities involved across plan, build, launch, and manage – the product lifecycle.
    • Avoid low market opportunity pursuits.
    • Avoid poorly defined product launch business cases.
    • Build competence in managing cross-functional complex programs.

    SoftwareReviews’ Approach

    1

    Build baseline market, buyer, and competitive insights

    Sizing your opportunity, building deep buyer understanding, competitive differentiation, and routes to market are fundamental first steps.

    2

    Design initial product and business case

    Validate positioning and messaging against brand, develop packaging and pricing, and develop digital approach, launch campaign approach and supporting budgets across all areas.

    3

    Align stakeholder plans to prep for build

    Rationalize product release and concept to sales/financial plan and further develop customer success, PR/AR, MarTech, and analytics/metrics plans.

    Our methodology provides a step-by-step approach to build a more effective go-to-market strategy

    1.Build baseline market, buyer, and competitive insights 2. Design initial product and business case 3. Align stakeholder plans to prep for build
    Phase Steps
    1. Select Steering Committee, GTM team, and outline roles and responsibilities. Build an aligned vision.
    2. Build initial product hypothesis based on sales and buyer “jobs to be done” research.
    3. Size the product market opportunity.
    4. Outline digital and tech requirements to support the full GTM process.
    5. Clarify target buyer personas and the buyer journey.
    6. Identify competitive gaps, parity, and differentiators.
    7. Select the most effective routes to market.
    8. Craft initial GTM Strategy presentation for executive review and status check.
    1. Compare emerging messaging and positioning with existing brand for consistency.
    2. Formulate packaging and pricing.
    3. Build a buyer-validated product concept.
    4. Build an initial campaign plan and targets.
    5. Develop initial budgets across all areas.
    6. Draft an initial product business case.
    7. Update GTM Strategy for executive review and status check.
    1. Assess technology and tools support for GTM strategy as well as future phases of GTM build, launch, and manage.
    2. Outline support for customer onboarding and ongoing engagement.
    3. Build an awareness plan covering media, social media, and industry analysts.
    4. Finalize product business case with collaborative input from product, sales, and marketing.
    5. Develop a final executive presentation for request for approval to proceed to GTM build phase.
    Phase Outcomes
    1. Properly sized market opportunity and a unique buyer value proposition
    2. Buyer persona and journey mapping with buyer needs and competitive SWOT
    3. Tech stack modernization requirements
    4. First draft of business case
    1. Customer-validated value proposition and product-market fit
    2. Initial product business case with sales alignment
    3. Initial launch plans including budgets across all areas
    1. Key stakeholders and their plans are fully aligned
    2. Executive sign-off to move to GTM build phases

    Insight summary

    Your go-to-market strategy ability is a strategic asset

    Having an updated and compelling go-to-market strategy is a critical capability – as important as financial strategy, sales operations, and even corporate business development – given its huge impact on the many drivers of sustainable growth.

    Build the GTM Steering Committee into a strategic decision-making body

    Many marketers experiencing the value of the GTM Steering Committee extend its use into a “Product and Pricing Council” (PPC) in order to move product-related decision making from ad-hoc to structured, and to reinforce GTM Strategy guardrails and best practices across the company.

    A strong MarTech apps and analytics stack differentiates GTM leaders from laggards

    Marketers that collaborate closely with Marketing Ops., Sales Ops., and IT early in the process of a go-to-market strategy will be best able to assess whether current website/digital, marketing applications, CRM/sales automation apps, and tools can support the complete Go-to-Market process effectively.

    Establishing alignment through the GTM process builds long term operational strength

    Marketers will go through the GTM Strategy process together across all disciplines at least once in order to establish a consistent process, make key foundational decisions (e.g. tech stack, channel strategy, pricing structure, etc.), and assess strengths and weaknesses to be addressed.

    Build speed and agility

    Future releases to existing products don’t need be re-thought but instead check-listed against prior foundational decisions.

    GTM Strategy builds launch success

    Marketers who get GTM Strategy “right” give themselves a 50% greater chance of build and launch success.

    Blueprint deliverables

    Each step of this blueprint is accompanied by supporting deliverables to help you accomplish your goals:

    Key deliverable:

    Go-to-Market Strategy Presentation Template

    Capture key findings for your GTM Strategy within the Go-to-Market Strategy Presentation Template.

    Sample of the key deliverable, the Go-to-Market Strategy Presentation Template.

    Go-to-Market Strategy RACI and Launch Checklist Workbook

    Includes a RACI model and launch checklist that helps scope your working team’s roles and responsibilities.

    Sample of the Go-to-Market Strategy RACI and Launch Checklist Workbook deliverable.

    Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

    Capture launch incremental costs that, when weighed against the forecasted revenue, illustrate gross margins as a crucial part of the business case.

    Sample of the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook deliverable.

    Product Market Opportunity Sizing

    While not a deliverable of this blueprint per se, the Product Market Opportunity blueprint is required.

    Sample of the Product Market Opportunity Sizing deliverable. This blueprint calls for downloading the following additional blueprint:

    Buyer Persona and Journey blueprint

    While not a deliverable of this blueprint per se, the Buyer Persona and Journey blueprint is required

    Sample of the Buyer Persona and Journey blueprint deliverable.

    Info-Tech offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    "Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful." "Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track." "We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place." "Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project."
    Included within advisory membership Optional add-ons

    Guided Implementation

    A Guided Implementation (GI) is a series of calls with a SoftwareReviews Advisory analyst to help implement our best practices in your organization.

    For guidance on marketing applications, we can arrange a discussion with an Info-Tech analyst.

    Your engagement managers will work with you to schedule analyst calls.

    What does our GI on Build a More Effective Go-to-Market Strategy look like?

    Build baseline market, buyer, and competitive insights

    Design initial product and business case

    Align stakeholder plans to prep for build

    Call #1: Share GTM vision and outline team activities for the GTM Strategy process. Plan next call – 1 week.

    Call #2: Outline product market opportunity approach and steps to complete. Plan next call – 1 week.

    Call #3: Hold a series of inquiries to do a modernization check on tech stack. Plan next call – 2 weeks.

    Call #4: Discuss buyer interview process, persona, and journey steps. Plan next call – 2 weeks.

    Call #5: Outline competitive differentiation analysis, routes to market, and review of to-date business case. Plan next call – 1 week.

    Call #6: Discuss brand strength/weakness, pricing, and packaging approach. Plan next call – 3 weeks.

    Call #7: Outline needs to craft assets with right messaging across campaign launch plan and budget. Outline needs to create plans and budgets across rest of marketing, sales, CX, and product. Plan next call – 1 week.

    Call #8: Review template and approach for initial business case and sales and product alignment. Plan next call – 1 week.

    Call #9: Review initial business case and launch plans across marketing, sales, CX, and product. Plan next call – 1 week.

    Call #10: Discuss plans/needs/budgets for tech stack modernization. Plan next call – 3 days.

    Call #11: Discuss plans/needs/budgets for CX readiness for launch. Plan next call – 3 days.

    Call #12: Discuss plans/needs/budgets for digital readiness for launch. Plan next call – 3 days.

    Call #13: Discuss plans/needs/budgets for marketing and sales readiness for launch. Plan next call – 3 days.

    Call #14: Review final business case and coach on Steering Committee Presentation. Plan next call – 1 week.

    A Go-to-Market Workshop Overview

    Contact your engagement manager for more information.
    Day 1 Day 2 Day 3 Day 4 Day 5
    Align on GTM Vision & Plan, Craft Initial Strategy
    Identify Initial Business Case, Sales Forecast and Launch Plan
    Develop Launch Plans (i of ii)
    Develop Launch Plans (ii of ii)
    Present Final Business Case to Steering Committee
    Activities

    1.1 Outline a vision for GTM and roles required, identify Steering Committee lead, workstream leads, and teams.

    1.2 Capture GTM strategy hypothesis by working through initial draft of GTM Strategy Presentation and business case.

    1.3 Capture team knowledge on buyer persona and journey and competitive SWOT.

    1.4 Identify information/data gaps and sources and plan for capturing/gathering including buyer interviews.

    Plan next day 2-3 weeks after buyer persona/journey interviews.

    2.1 Size product market opportunity and initial revenue forecast.

    2.2 Craft initial product hypothesis from buyer interviews including feature priorities, pricing, packaging, competitive differentiation, and channel/route to market.

    2.3 Craft initial launch campaign, product release, sales, and CX readiness plans.

    2.4 Identify launch budgets across each investment area.

    2.5 Discuss initial product launch business case and key activities.

    Plan next day 2-3 weeks after product hypothesis-validation interviews with customers and prospects.

    3.1 Apply product interviews to scope, MVP, and roadmap competitive differentiation, pricing, feature prioritization, routes to market and sales forecast.

    3.2 Develop more detailed launch campaign plan complete with asset-types, messaging, digital plan to support buyer journey, media buy plan and campaign metrics.

    4.1 Develop detailed launch/readiness plans with final budgets for:

    • Sales enablement
    • Sales training
    • Tech stack
    • Customer onboarding & success
    • Product marketing
    • AR
    • PR
    • Corp comms/Internal comms
    • Customer events
    • Employee events
    • etc.

    5.1 Review final launch/readiness plans with final budgets for all key areas.

    5.2 Move all key findings up into Steering Committee presentation slides.

    5.3 Present to Steering Committee, receive feedback.

    5.4 incorporate Steering Committee feedback; update finial business case.

    Deliverables
    1. Documented Steering Committee and working team, aligned on GTM vision and process.
    2. Document team knowledge on initial GTM strategy, buyer persona and business case.
    1. Definition of product market fit, uniqueness and competitive differentiation.
    2. Preliminary product launch business case, campaign, targets, and readiness plans.
    1. Detailed launch plans, budgets for product and marketing launch.
    1. Detailed launch plans, budgets for product marketing, sales, customer success, and AR/PR/Corp. comms.
    1. Final GTM Strategy, launch plan and business case.
    2. Approvals to move to GTM build and launch phases.

    Build a More Effective Go-to-Market Strategy

    Phase 1

    Build baseline market, buyer, and competitive insights

    Phase 1

    1.1 Select Steering Cmte/team, build aligned vision for GTM

    1.2 Buyer personas, journey, initial messaging

    1.3 Build initial product hypothesis

    1.4 Size market opportunity

    1.5 Outline digital/tech requirements

    1.6 Competitive SWOT

    1.7 Select routes to market

    1.8 Craft GTM Strategy deck

    Phase 2

    2.1 Brand consistency check

    2.2 Formulate packaging and pricing

    2.3 Craft buyer-valid product concept

    2.4 Build campaign plan and targets

    2.5 Develop cost budgets across all areas

    2.6 Draft product business case

    2.7 Update GTM Strategy deck

    Phase 3

    3.1 Assess tech/tools support for all GTM phases

    3.2 Outline sales enablement and Customer Success plan

    3.3 Build awareness plan

    3.4 Finalize business case

    3.5 Final GTM Plan deck

    This phase will walk you through the following activities:

    • Steering Committee and Team formulation
    • A vision for go-to-market strategy
    • Initial product hypothesis
    • Market Opportunity sizing
    • Tech stack/digital requirements
    • Buyer persona and journey
    • Competitive gaps, parity, differentiators
    • Routes to market
    • GTM Strategy deck

    This phase involves the following stakeholders:

    • Steering Committee
    • Working group leaders

    To complete this phase, you will need:

    Go-to-Market Strategy Presentation Template Go-to-Market Strategy RACI and Launch Checklist Workbook Buyer Persona and Journey blueprint Product Market Opportunity Sizing Workbook
    Sample of the Go-to-Market Strategy Presentation Template deliverable. Sample of the Go-to-Market Strategy RACI and Launch Checklist Workbook deliverable. Sample of the Buyer Persona and Journey blueprint deliverable. Sample of the Product Market Opportunity Sizing Workbook deliverable.
    Use the Go-to-Market Strategy Presentation Template to document the results from the following activities:
    • Documenting your GTM Strategy stakeholders
    • Documenting your GTM Strategy working team
    Use the Go-to-Market Strategy RACI and Launch Checklist Workbook to:
    • Review the scope of roles and responsibilities required
    • Document the roles and responsibilities of your teams
    Use the Buyer Persona and Journey blueprint to:
    • Interview sales and customers/prospects to inform product concepts, understand persona and later, flush out buyer journey
    Use the Product Market Opportunity Sizing blueprint to:
    • Project Serviceable Obtainable Market (SOM), Serviceable Available Market (SAM), and Total Available Market (TAM) from your current penetrated market

    Step 1.1

    Identify a GTM Program Steering Committee and Team. Build an Aligned Vision for Your Go-to-Market Strategy Approach

    Activities
    • 1.1.1 Identify the Steering Committee of key stakeholders whose support will be critical to success
    • 1.1.2 Select your go-to-market strategy program team
    • 1.1.3 Discuss an overview of the GTM process and program roles and responsibilities with stakeholders and GTM workstream leads
    • 1.1.4 Develop a Go-to-Market launch, tiering, time-line, and overall program plan
    • 1.1.5 Work with each workstream lead on their overall project plan and incremental budget requirements

    This step will walk you through the following activities:

    • Identify stakeholders – your Steering Committee
    • Identify team members
    • Present a vision of GTM Strategy

    This step involves the following participants:

    • Steering Committee
    • Program workstream leads

    Outcomes of this step

    • Steering Committee identified
    • Team members identified
    • All aligned on the GTM process
    • Go-to-market strategy timeline and program plan
    Phase 1 - Formulate a hypothesis and run discovery on key fundamentals
    Step 1.1 Step 1.2 Step 1.3 Step 1.4 Step 1.5 Step 1.6 Step 1.7 Step 1.8

    1.1.1 Identify stakeholders critical to success

    1-2 hours

    Input: Steering Committee interviews, Recognition of Steering Committee interest

    Output: List of GTM Strategy stakeholders as Steering Committee members

    Materials: Following slide outlining the key responsibilities required of the Steering Committee members, A high-Level timeline of GTM Strategy phases and key milestone meetings

    Participants: CMO, sponsoring executive, Functional leads - Marketing, Product Marketing, Product Management, Sales, Customer Success

    1. The GTM Strategy initiative manager should meet with the CMO to determine who will comprise the Steering Committee for your GTM Strategy.
    2. Finalize selection of steering committee members.
    3. Meet with members to outline their roles and responsibilities and ensure their willingness to participate.
    4. Document the steering committee members and the milestone/presentation expectations for reporting project progress and results.

    SoftwareReviews Advisory Insight:
    Go To Market Steering Committee’s can become an important ongoing body to steer overall product, pricing and other GTM decisions. Some companies have done so by adding the CEO and CFO to this committee and designated it as a permanent body that meets monthly to give go/no decisions to “all things product related” across all products and business units. Leaders that use this tool well, stay aligned, demonstrate consistency across business units and leverage outcomes across business units to drive greater scale.

    Go-to-Market Strategy Stakeholders

    Understand that aligning key stakeholders around the way your company goes to market is an essential company function.

    Title Key Roles Supporting an Effective Go-to-Market Strategy
    Go-to-Market Strategy Sponsor
    • Owns the function at the management/C-suite level
    • Responsible for breaking down barriers and ensuring alignment with organizational strategy
    • CMO, VP of Marketing, and in SMB Providers, the CEO
    Go-to-Market Strategy Program Manager
    • Typically a senior member of the marketing team
    • Responsible for organizing the GTM Strategy process, preparing summary executive-level communications and approval requests
    • Program manages the GTM Strategy process, and in many cases, the continued phases of build and launch.
    • Product Marketing Director, or other marketing director, that has strong program management skills, has run large scale marketing and/or product programs, and is familiar with the stakeholder roles and enabling technologies
    Functional Workstream Leads
    • Works alongside the Go-to-Market Strategy Initiative Manager on a specific product launch, campaign, rebranding, new market development, etc. and ensures their functional workstreams are aligned with the GTM Strategy
    • With typical GTM B2B a representative from each of the following functions will comprise the team:
      • Product Marketing, Product Management, Field Marketing, Creative, Marketing Ops/Digital, PR/Corporate Comms/AR, Social Media Marketing, Sales Operations, Sales Enablement/Training, and Customer Success
    Digital, Marketing/Sales Ops/IT Team
    • Comprised of individuals whose application and tech tools knowledge and skills are crucial to supporting the entire marketing tech stack and its integration with Sales/CRM
    • Responsible for choosing technology that supports the business requirements behind Go-to-Market Strategy, and eventually the build and launch phases as well
    • Digital Platforms, CRM, Marketing Applications and Analytics managers
    Steering Committee
    • Comprised of C-suite/management-level individuals that guide key decisions, approve of requests, and mitigate any functional conflicts
    • Responsible for validating goals and priorities, defining the scope, enabling adequate resourcing, and managing change especially among C-level leaders in Sales & Product
    • CMO, CTO/CPO, CRO, Head of Customer Success

    Download the Go-to-Market Strategy Presentation Template

    Roles vary by company size. Launch success depends on clear responsibilities

    Sample of the Go-to-Market Strategy RACI and Launch Checklist Workbook.

    Download the Go-to-Market Strategy RACI and Launch Checklist Workbook

    Success improves when you align & assign
    • Go-to-Market, build, and launch success improves when:
      • Phases and steps are outlined
      • Key activities are documented
      • Roles/functions are described
      • At the intersection of activities and role, whether the role is “Responsible,” “Accountable,” “Consulted,” or “Informed” is established across the team
    • Leaders will hold a workshop to establish RACI that fits with the scope and scale of your organization.
    • Confusion, conflict, and friction can be dramatically reduced/eliminated with RACI adoption and practice.
    • Review the RACI model and launch checklist within the Go-to-Market Strategy RACI and Launch Checklist Workbook in order to identify the full scope of roles and responsibilities needed.

    Go-to-Market Strategy Working Team

    Consider the skills and knowledge required for GTM Strategy as well as build and launch functions when choosing teams.

    Work with functional leaders to select workstream leads

    Workstream leads should be strong in collaboration, coordination of effort among others, knowledgeable about their respective function, and highly organized as they may be managing a team of colleagues within their function to deliver their responsible portion of GTM.

    Required Skills/Knowledge

    • Target Buyer
    • Product Roadmap
    • Brand
    • Competitors
    • Campaigns/Lead Gen
    • Sales Enablement
    • Media/Analysts
    • Customer satisfaction

    Suggested Functions

    • Product Marketing
    • Product Management
    • Creative Director
    • Competitive Intelligence
    • Demand Gen./Field Marketing
    • Sales Ops/Training/Enablement
    • PR/AR/Corporate Comms.
    • Customer Success
    Roles Required in Successful GTM Strategy
    For SMB companies, as employees wear many different hats, assign people that have the requisite skills and knowledge vs. the role title.

    Download the Go-to-Market Strategy RACI and Launch Checklist Workbook

    1.1.2 Select the GTM Strategy working team

    1-2 hours

    Input: Stakeholders and leaders across the various functions outlined to the left

    Output: List of go-to-market strategy team members

    Materials: Go-to-Market Strategy Workbook

    Participants: Initiative Manager, CMO, Sponsoring executive, Departmental Leads – Sales, Marketing, Product Marketing, Product Management (and others), Marketing Applications Director, Senior Digital Business Analyst

    1. The GTM Strategy Initiative Manager should meet with the GTM Strategy Sponsor and functional leaders of workstream areas/functions to determine which team members will serve as Steering Committee members and who will serve as workstream leads.
    2. The working team for your go-to-market strategy should have the following roles represented in the working team:
      • Depending on the initiative and the size of the organization, the team will vary.
      • Key business leaders in key areas – Product Marketing, Field Marketing, Digital Marketing, Inside Sales, Sales, Marketing Ops., Product Management, and IT – should be involved.
    3. Document the members of your go-to-market strategy team in the Go-to-Market Strategy Presentation slide entitled “Our Team.”

    Download the Go-To-Market Strategy RACI and Launch Checklist Workbook

    1.1.3 Develop a timeline for key milestones

    1 hour

    Timeline for Key Milestones with row headers 'Go-to-Market Phases', 'Major Milestones', and 'Key Phase Activities'. The phases (each column) and their associated activities are 'PLAN - Create buyer-validated product concept, size opportunity, and build business case', 'BUILD - Build product and enable readiness across the rest of marketing sales and customer success', 'LAUNCH - Release product, launch campaigns, and measure progress toward objectives', and then post-phase is 'MANAGE'. Notes in the 'Major Milestones' row: 'Outline key dates', 'Update with 'Today's Date' as you make progress', and 'Use GTM Plan major milestones or create your own'.

    GTM Program Managers:

    1. Will establish key program milestones working collaboratively with the Steering Cmte. and workstream leads.
    2. Outline key ”Market-facing” or external deliverables & dates, as well as internal.
    3. More detailed deliverable plans are called for working with workstream leads.
    4. This high-level overview will be used in regular Steering Cmte. and working team meets
    5. Record in the Go-to-Market Strategy Presentation

    Download the Go-to-Market Strategy Presentation Template

    1.1.5 Share your GTM strategy vision with your team

    1-2 hours

    Input: N/A

    Output: Team understanding of an effective go-to-market strategy, team roles and responsibilities and initial product and launch concept.

    Materials: The Build a More Effective Go-to-Market Strategy Executive Brief

    Participants: GTM Program Manager, CMO, Sponsoring executive, Workstream leads

    1. Download the Build a More Effective Go-to-Market Strategy Executive Brief and add the additional slides on Team Composition and Key Milestones you have created in prior steps as appropriate.
    2. Convene the Steering Committee and Working Team and take them through the Build a More Effective Go-to-Market Strategy Executive Brief with your additional slides to:
      1. Communicate team composition, roles and responsibilities, and key GTM Strategy program milestones.
      2. Educate them on what comprises a complete GTM Strategy from the Executive Brief.
    3. Optional: As a SoftwareReviews Advisory client, invite a SoftwareReviews analyst to present the Executive Brief if that is of help to you and your team.

    Go to the Build a More Effective Go-to-Market Strategy Executive Brief

    GTM program managers and workstream leads will collaborate on detailed project plans

    Timeline titled 'Workstreams Status' with a legend of shapes and colors, activities listed as row headers, timeline sections 'EXPLORE', 'DESIGN', 'ALIGN', and 'BUILD', and a column at the end of the timelines for the name of the workstream lead. Notes: 'Change names to actual workstream. Create separate pages for each', 'Overlay colored bars to indicate on/off track', 'Describe major deliverables & due dates', 'Outline major milestones', 'Update with your actual month and week-ending dates', 'Add workstream lead names'.

    Program managers will:

    • Outline an overall more detailed way of tracking GTM program workstreams, key dates and on/off track status

    Program managers & workstream leads will:

    • Call out each key workstream and workstream lead
    • Outline key deliverables and due dates
    • Track weekly for communicating status to Steering Cmte and working team meetings

    Use the Launch Checklist when building out full project plans

    Sample Launch Checklist table with project info above, and table columns 'Component', 'Owner', 'Start Date', 'Finish Date', 'G2M Plan', and 'Build'.

    Download the Go-to-Market Strategy RACI and Launch Checklist Workbook

    Continuous improvement is enabled with a repeatable process
    • With ownership assigned and set-back schedules in place, product marketing and management leaders can take the guesswork out of the GTM plan and build and launch process for the entire team.
    • “Lighter” versions are created for lower-tier releases.
    • Checklists ensure “we haven’t missed anything” and drive clarity among the team.
    • Articulating where we are now and what’s next increases management confidence.
    • Rinse and repeat improves overall quality and drives scale.

    1.1.6 Develop a project plan for each workstream

    Work with your workstream leads to see them develop a detailed project plan that spans all their deliverables for a GTM Strategy
    1. It’s essential that GTM initiative managers can rely upon workstream leads to provide the status of their respective workstreams in a shared environment for easy weekly updating and reporting.
    2. We suggest the following approach:
      1. GTM initiative managers should maintain a copy of the GTM Strategy Presentation in a shared drive so workstream leads can provide updates.
      2. Workstream leads should work with their GTM initiative manager to populate a version of the workstream tracker shown on the previous slide that enables team status reporting.
      3. Additional slides that actually show “work completed” (e.g. images of assets created, training plans, screen caps of software functionality, etc.) should be reviewed each week as well.
      4. GTM initiative leaders/program managers are advised to summarize the to-date work completed across the team into the Go-To-Market Product and Launch Business Case slides to demonstrate progress to the Steering Committee.
    3. The goal is to keep tracking manageable. Because status is most easily shown during Steering Committee and Working Team meetings using PowerPoint, we recommend a simple approach to program management by using PowerPoint.
    Using the Go-to-Market Strategy Presentation:
    3-4 hours Initial, 1-2 hours weekly
    1. Work with your workstream leads to create a slide for each workstream that will contain all the key milestones.
    2. Some teams will choose to use project management software, others a PowerPoint representation, which makes for easy presentation during status meets.
    3. Use the following resources:
      • In the Go-to-Market Strategy RACI and Launch Checklist Workbook, reference the Launch Checklist.
      • In the Go-to-Market Presentation, use the Appendix slides and complete for each workstream.
    4. The GTM initiative manager must be able to track status with workstream leads and present status to the rest of the team during Steering Committee and workstream lead meetings.

    Download the Go-to-Market Strategy Presentation Template

    Download the Go-To-Market Strategy RACI and Launch Checklist Workbook

    Step 1.2

    Hold Interviews With Sales Then Customers and Prospects to Inform Your Initial Product Concept

    Activities
    • 1.2.1 Use the SoftwareReviews Buyer Persona and Journey Interview Guide and Data Capture Tool found within the SoftwareReviews Buyer Persona and Journey blueprint.
    • 1.2.2 Follow the instructions within the above blueprint and hold interviews with Sales and customers and prospects to inform your buyer persona, initial product hypothesis, and buyer journey.
    • 1.2.3 Flush out the initial product and launch concept using the slides found within the Go-to-Market Strategy Presentation Template. You will continually refine the Go-to-Market Strategy Presentation Template such that you turn the Product and Launch descriptions into a business case for product build and launch. We advise you and your team to populate the slides to begin to inform an initial concept, then hold interviews with Sales, customers, and prospects to refine. The best way to capture customer and prospect insights is to use the Buyer Persona and Journey blueprint.

    This step will walk you through the following activities:

    • Schedule time with sales/sales advisory to flush out the product concept
    • Develop your customer and prospect interviewee list
    • Consolidate findings for your GTM Strategy program slide deck

    This step involves the following participants:

    • Sales/sales advisory, product management, initiative leader (product marketing)
    • Customers and prospects

    Outcomes of this step

    • Guidance from sales on product concept
    • Initial guidance from customers and prospective buyers
    • Agreement to proceed further

    Phase 1 - Formulate a hypothesis and run discovery on key fundamentals

    Step 1.1 Step 1.2 Step 1.3 Step 1.4 Step 1.5 Step 1.6 Step 1.7 Step 1.8

    Documenting buyer personas enables success beyond marketing

    Documenting buyer personas has several essential benefits to marketing, sales, and product teams:
    • Achieve a better understanding of your target buyer – by building a detailed buyer persona for each type of buyer and keeping it fresh, you take a giant step in becoming a customer-centric organization.
    • Align the team on a common definition – will happen when you build buyer personas collaboratively and among teams that touch the customer.
    • Improved lead generation – increases dramatically when messaging and marketing assets across your lead generation engine better resonate with buyers because you have taken the time to understand them deeply.
    • More effective selling – is possible when sellers apply persona development output to their interactions with prospects and customers.
    • Better product-market fit – increases when product teams more deeply understand for whom they are designing products. Documenting buyer challenges, pain points, and unmet buyer needs gives product teams what they need to optimize product adoption.
    “It’s easier buying gifts for your best friend or partner than it is for a stranger, right? You know their likes and dislikes, you know the kind of gifts they’ll have use for, or the kinds of gifts they’ll get a kick out of. Customer personas work the same way. By knowing what your customer wants and needs, you can present them with content targeted specifically to those wants and needs.” (Emma Bilardi, Product Marketing Alliance, July 8, 2020)

    Buyer persona attributes that need defining

    A well defined buyer persona enables us to:

    • Clarify target org-types, identify buying decision makers and key personas, and determine how they make decisions
    • Align colleagues around a common definition of target buyer(s) to drive improvements in messaging and engagement across marketing, sales, and customer success
    • Identify specific asset-types and tools that, when activated within our lead gen engine and in the hands of sellers, helps a buyer move through a decision process
    Functional – “to find them”
    Job Role Titles Org Chart Dynamics Buying Center Firmographics

    Emotive – “what they do and jobs to be done”
    Initiatives – What programs/projects the persona is tasked with and what are their feelings and aspirations about these initiatives? Motivations? Build credibility? Get promoted? Challenges – Identify the business issues, problems, and pain points, that impede attainment of objectives. What are their fears, uncertainties, and doubts about these challenges? Buyer need – They may have multiple needs; which need is most likely met with the offering? Terminology – What are the keywords/phrases they organically use to discuss the buyer need or business issue?

    Decision Criteria – “how they decide”
    Buyer role – List decision-making criteria and power level. The five common buyer roles are champion, influencer, decision maker, user, and ratifier (purchaser/negotiator). Evaluation and decision criteria – The lens, either strategic, financial, or operational, through which the persona evaluates the impact of purchase.

    Solution Attributes – “what the ideal solution looks like”
    Steps in “Jobs to be Done” Elements of the “Ideal Solution” Business outcomes from ideal solution Opportunity scope – other potential users Acceptable price for value delivered Alternatives that see consideration Solution sourcing – channel, where to buy

    Behavioral Attributes – “how to approach them successfully”
    Content preferences – List the persona’s content preferences, could be blog, infographic, demo, video, or other, vs. long-form assets (e.g. white paper, presentation, analyst report). Interaction preferences – Which among in-person meetings, phone calls, emails, video conferencing, conducting research via web, mobile, and social. Watering holes – Which physical or virtual places do they go to network or exchange info with peers e.g. LinkedIn, etc.

    Buyer journeys are constantly shifting

    If you haven’t re-mapped buyer journeys recently, you may be losing to competitors that have. Leaders re-map buyer journeys frequently.
    • The multi-channel buyer journey is constantly changing – today’s B2B buyer uses industry research sites, vendor content marketing assets, software reviews sites, contacts with vendor salespeople, events participation, peer networking, consultants, emails, social media sites, and electronic media to research purchasing decisions.
    • COVID has dramatically decreased face-to-face – we estimate a B2B buyer spent between 20-25% more time online researching software buying decisions in 2021 than they did pre-COVID. This has diminished the importance of face-to-face selling and has given dramatic rise to digital selling and outbound marketing.
    • Content marketing has exploded – but without mapping the buyer journey and knowing where (by channel) and when (which buyer journey step) to offer content marketing assets, we will fail to convert prospects into buyers.

    SoftwareReviews Advisory Insight:
    Marketers are advised to update their buyer journey annually and with greater frequency when the human vs. digital mix is effected due to events such as COVID, and as emerging media such as Augmented Reality shifts asset-type usage and engagement options.

    “Two out of three B2B buyers today prefer remote human interactions or digital self service.

    And during August 2020-February 2021, use of digital self service leapt by 10%” (McKinsey & Company, 2021.)

    Challenges of not mapping persona and journey

    A lack of buyer persona and journey understanding is frequently the root cause of the following symptoms:
    • Lead generation results are way below expectations.
    • Inconsistent product-market fit.
    • Sellers have low success rates doing discovery with new prospects.
    • Website abandonment rates are really high.

    These challenges are often attributed to messaging and talk tracks that fail to resonate with prospects and products that fail to meet the needs of targeted buyers.

    SoftwareReviews Advisory Insight:
    Marketers developing buyer personas and journeys that lack agreement among Marketing, Sales, and Product of personas to target will squander precious time and resources throughout the customer targeting and acquisition process.

    “Forty-four percent of B2B marketers have already discovered the power of personas.” (Boardview, 2016.)

    1.2.1 Interview Sales and customers/prospects

    12 - 15 Hours, over course of 2-3 weeks

    Input: Insights from Sellers, Insights from customers and prospects

    Output: Completed slides outlining buyer persona, buyer journey, overall product concept, and detailed features and capabilities needed

    Materials: Create a Buyer Persona and Journey blueprint, Go-to-Market Strategy Presentation

    Participants: Product management lead, GTM Program Manager, Select sellers, Workstream leads that wish to participate in interviews

    1. Using the Create a Buyer Journey and Persona Journey blueprint:
      • Follow the instructions to interview a group of Sellers, and most importantly, several customers and prospects
        • For this stage in the GTM Strategy process, the goal is to validate your initial product and launch concept.
        • We urge getting through all the interview questions with interviewees as the answers inform:
          • Product market fit and Minimal Viable Product
          • Competitive differentiation
          • Messaging, positioning, and campaign targeting
          • Launch campaign asset creation.
      • Place summary findings into the Go-to-Market Strategy Presentation, and for reference, place the Buyer Persona and Journey Summaries into the Go-to-Market Strategy Presentation Appendix.

    Download the Go-to-Market Strategy Presentation Template

    Download the Create a Buyer Journey and Persona Journey blueprint

    Step 1.3

    Update Your Product Concept

    Activities
    • 1.3.1 Based on Sales and Customer/Prospect interviews, update:
      • Your product concept slide
      • Detailed prioritization of features and capabilities

    This step calls for the following activities:

    • Update the product concept slide based on interview findings
    • Update/create the stack-ranking of buyer requested feature and capability priorities

    This step involves the following participants:

    • Product management lead
    • GTM initiative leader
    • Select workstream leads who sat in on interview findings

    Outcomes of this step

    • Advanced product concept
    • Prioritized features for development during Build phase
    • Understanding of MVP to deliver customer value and deal “wins”

    Phase 1 - Formulate a hypothesis and run discovery on key fundamentals

    Step 1.1 Step 1.2 Step 1.3 Step 1.4 Step 1.5 Step 1.6 Step 1.7 Step 1.8

    1.3.1 Update Product and Launch concept

    2 Hours

    Input: Insights from Sellers, Insights from customers and prospects

    Output: Completed slides outlining product concept and detailed features and capabilities needed

    Materials: Go-to-Market Strategy Presentation

    Participants: Product management lead, GTM Program Manager, Select sellers, Workstream leads that wish to participate in interviews

    1. Using the Go-to-Market Strategy Presentation:
      • With interview findings, update the Product and Launch Concept, Buyer Journey, and Capture Key Features/Capabilities of High Importance to Buyers slides

    Download the Go-to-Market Strategy Presentation Template

    Product and Launch Concept

    At this early stage, summarize findings from concept interviews to guide further discovery, as well as go-to-market concepts and initial campaign concepts in upcoming steps.

    Job Function Attributes

    Target Persona(s):
    Typical Title:
    Buying Center/functional area/dept.:

    Firmographics:
    Industry specific/All:
    Industry subsegments:
    Sizes (by revenues, # of employees):
    Geographical focus:

    Emotive Attributes

    Initiative descriptions: Buyer description of project/program/initiative. What terms used?

    Business issues: What are the business issues related to this initiative? How is this linked to a CEO-level mission-critical priority?

    Key challenges: What business/process hurdles need to be overcome?

    Pain points: What are the pain points to the business/personally in their role related to the challenges that drove them to seek a solution?

    Success motivations: What motivates our persona to be successful in this area?

    Solution and Opportunity

    Steps to do the job: What are the needed steps to do this job today?

    Key features and capabilities: What are the key solution elements the buyer sees in the ideal solution? (See additional detail slide with prioritized features.)

    Key business outcomes: In business terms, what value (e.g. cost/time/FTE savings, deals won, smarter, etc.) is expected by implementing this solution?

    Other users/opportunities: Are there other users in the role team/company that would benefit from this solution?

    Pricing/Packaging

    What is an acceptable price to pay for this solution? Based on financial benefits and ROI hurdles, what’s a good price to pay? A high price? What are packaging options? Any competitive pricing to compare?

    Alternatives/Competition

    What are alternatives to this solution: How else would you solve this problem? Are there other solutions you’ve investigated?

    Channel Preferences

    Where would it be most convenient to buy?: Direct from provider? Channel partner/reseller? Download from the web?

    Decision Criteria Attributes

    Decision maker – Role, criteria/decision lens:
    User(s) – Role, criteria/decision lens:
    Influencer(s) – Role, criteria/decision lens:
    Ratifier(s) – Role, criteria/decision lens:

    Behavioral Attributes

    Interaction preferences: Best way for us to reach this role? Email? At events? Texting? Video calls?

    Content types: Which content types (specifics; videos, short blog/article, longer whitepapers, etc.) help us stay educated about this initiative area?

    Content sources: What news, data, and insight sources (e.g. specifics) do you use to stay abreast of what’s important for this initiative area?

    Update the Go-to-Market Strategy Presentation with findings from Sales and customer/prospect interviews.

    Capture key features/capabilities of high importance to buyers

    Ask buyers during interviews, as outlined in the Buyer Persona and Journey blueprint, to describe and rate key features by need. You will also review with buyers during the GTM Build phase, so it’s important to establish high priority features now.

    Example bar chart for 'Buyer Feature Importance Ratings' where 'Buyer Need' is rated for each 'Feature'.
    • List key feature areas for buyer importance rating.
    • Establish a rating scheme.
        E.g. a rating of:
      • 4.5 or higher = critical ROI driver
      • 3.5 to 4.5 = must haves
      • 2 to 3.5 = nice to have
      • Less than 2 = low importance
    • Have buyers rate each possible feature 0-5 after explaining the rating scheme. Ask – are we missing any key features?
    • Update this slide, found within the Go-to-Market Strategy Presentation, with customer/prospect interview findings.
    Perform the same buyer interviews for non-feature “capabilities” such as:
    • Ease of use, security, availability of training, service model, etc. – and other “non-feature” areas that you need for your product hypothesis.

    Step 1.4

    Size the Product Market Opportunity

    Activities
    • 1.3.1 Based on the product concept, size, and the product market opportunity and with a focus on your “Obtainable Market”:
      • Clarify the definitions used to size market opportunity.
      • Source data both internally and externally.
      • Calculate the available, obtainable market for your software product.

    This step will walk you through the following activities:

    • Review market sizing definitions and identify required data
    • Identify the target market for your software application
    • Source market and internal data that will support your market sizing
    • Document and validate with team members

    This step involves the following participants:

    • GTM initiative leader
    • CMO, select workstream leads

    Outcomes of this step

    • Definitions on market sizing views
    • Data sourcing established
    • Market sizing and estimated penetration calculations

    Phase 1 - Formulate a hypothesis and run discovery on key fundamentals

    Step 1.1 Step 1.2 Step 1.3 Step 1.4 Step 1.5 Step 1.6 Step 1.7 Step 1.8

    Market opportunity sizing definitions

    Your goal is to assess whether or not the opportunity is significantly sized and if you are well positioned to capture it

    1. This exercise is designed to help size the market opportunity for this particular product GTM launch and not the market opportunity for the entire product line or company. First a few market sizes to define:
      1. Penetrated – is your current revenues and can be expressed in your percentage vs. competitors’.
      2. Serviceable Obtainable Market (SOM) – larger than your currently penetrated market, and a percentage of SAM that can realistically be achieved. It accounts for your current limitations to reach and your ability to sell to buyers. It is restricted by your go-to-market ability and reduced by competitive market share. SOM answers: What increased market can we obtain by further penetrating accounts within current geographical coverage and go-to-market abilities and within our ability to finance our growth?
      3. Serviceable Available Market (SAM) – larger than SOM yet smaller than TAM, SAM accounts for current products and current go-to-market capabilities and answers: What if every potential buyer bought the products we have today and via the type of go-to-market (GTM) especially geographical coverage, we have today? SAM calls for applying our current GTM into unpenetrated portions of currently covered customer segments and regions.
      4. Total Available Market (TAM) – larger than SAM, TAM sizes a market assuming we could penetrate other customer segments within currently covered regions without regard for resources, capabilities, or competition. It answers the question: If every potential buyer within our available market – covered regions – bought, how big would the market be?
      5. Total Global Market – estimates market opportunity if all orgs in all segments and regions bought – with full disregard for resources and without the restrictions of our current GTM abilities.
      6. Develop your market opportunity sizing using the Product Market Opportunity Sizing Workbook.

    Download the Product Market Opportunity Sizing Workbook

    SoftwareReviews Advisory Insight:
    Product marketers that size the product market opportunity and account for the limitations posed by competitors, current sales coverage, brand permission, and awareness, provide their organizations with valuable insights into which inhibitors to growth should be addressed.

    Visualization of market opportunity sizes as circles within bigger circles, 'Penetrated Market' being the smallest and 'Global Market' being the largest.

    1.4.1 Size the product market opportunity

    Your goal is two-fold: Determine the target market size, and develop a realistic 12–24 month forecast to support your business case
    1. Open the Product Market Opportunity Sizing Workbook.
    2. Follow the instructions within.
    3. When finished, download the Go-to-Market Strategy Presentation and update the Product Market Opportunity Size slide with your calculated Product Market Opportunity Size.

    Download the Product Market Opportunity Sizing Workbook

    Download the Go-to-Market Strategy Presentation Template

    “Segmentation, targeting and positioning are the three pillars of modern marketing. Great segmentation is the bedrock for GTM success but is overlooked by so many.” (Product Marketing Alliance)

    Step 1.5

    Outline Digital and Tech Requirements

    Activities

    Designing your go-to-market strategy does not require a robust customer experience management (CXM) platform, but implementing your strategy during the next steps of Go-to-Market – Build then Launch – certainly does.

    Review info-Tech’s CXM blueprint to build a more complete, end-to-end customer interaction solution portfolio that encompasses CRM alongside other critical components.

    The CXM blueprint also allows you to develop strategic requirements for CRM based on customer personas and external market analysis called for during your GTM Strategy design.

    Diagram of 'Customer Relationship Management' surrounded by its components: 'Web Experience Management Platform', 'E-Commerce & Point-of-Sale Solutions', 'Social Media Management Platform', 'Customer Intelligence Platform', 'Customer Service Management Tools', and 'Marketing Management Suite'.

    These steps outlined in the CXM blueprint, will help you:

    • Assess your CRM application(s) and the environment in which they exist. Take a business-first strategy to prioritize optimization efforts.
    • Validate CRM capabilities, user satisfaction, issues around data, vendor management, and costs to build out an optimization strategy
    • Pull this all together to develop a prioritized optimization roadmap.

    This step involves the following participants:

    • Marketing Operations, Digital, IT
    • Project workstream leads as appropriate

    Outcomes of this step

    • After inquiries with appropriate analysts, client will be able to assess what new application and technology support is required to support Go To Market process.

    Phase 1 - Formulate a hypothesis and run discovery on key fundamentals

    Step 1.1 Step 1.2 Step 1.3 Step 1.4 Step 1.5 Step 1.6 Step 1.7 Step 1.8

    Step 1.6

    Identify features and capabilities that will drive competitive differentiation

    Activities
    • 1.6.1 Hold a session with key stakeholders including sales, customer success, product, and product marketing to develop a hypothesis of features and capabilities vs. competitors: differentiators, parity areas, and gaps (DPG).
    • Optional for clients with buyer reviews and key competitive reviews within target product category:
      • 1.6.2 Request from SoftwareReviews a 2X2 Matrix Report of Importance vs. Satisfaction for both features and capabilities within your product market/category to identify areas of competitive DPG.
      • 1.6.3 Hold an Inquiry with covering ITRG analysts in your product category to have them validate key areas of competitive DPG.
    • 1.6.4 Document competitive DPG and build out your hypothesis for product build as you ready for customer interviews to validate that hypothesis.

    This step will provide processes to help you:

    • Understand and document competitive differentiation, parity, and gaps

    This step involves the following participants:

    • Project workstream leads in product marketing, competitive intelligence, product management, and customer success

    Outcomes of this step

    • Develop a clear understanding of what differentiated capabilities to promote, which parity items to mention in marketing, and which areas are competitive gaps
    • Develop a hypothesis of what areas need to be developed during the Build phase of the Go-to-Market lifecycle

    Phase 1 - Formulate a hypothesis and run discovery on key fundamentals

    Step 1.1 Step 1.2 Step 1.3 Step 1.4 Step 1.5 Step 1.6 Step 1.7 Step 1.8

    Assess current capabilities and competitive differentiation vs. buyer needs

    Taking buyer needs ratings from step 1.3, assess your current and key competitive capabilities against buyer needs for both feature and non-feature capabilities. Incorporate into your initial product hypothesis.

    Example bar chart for 'Competitive Differentiation, Parity and Gaps – Features' comparing ratings of 'Buyer Need', 'Our Current Capabilities', and 'Competitive Capabilities' for each 'Feature'.

    • Rank features in order of buyer need from step 1.3.
    • Prioritize development needs where current capabilities are rated low. Spot areas for competitive differentiation especially in high buyer-need areas.
    Perform the analysis for non-feature capabilities such as:
    • ease of use
    • security
    • availability of training
    • service model

    Optional: Validate feature and capability importance with buyer reviews

    Request from your SoftwareReviews Engagement Manager the “Importance vs. Satisfaction” analysis for your product(s) feature and non-feature capabilities under consideration for your GTM Strategy

    Satisfaction
    Fix Promote
    Importance

    Low Satisfaction
    High Importance

    These features are important to their market and will highlight any differentiators to avoid market comparison.

    High Satisfaction
    High Importance

    These are real strengths for the organization and should be promoted as broadly as possible.

    Low Satisfaction
    Low Importance

    These features are not important for the market and are unlikely to drive sales if marketing material focuses on them. Rationalize investment in these areas.

    High Satisfaction
    Low Importance

    Features are relatively strong, so highlight that these features can meet customer needs
    Review Maintain

    Overall Category Product Feature Satisfaction Importance

    • Importance is based on how strongly satisfaction for a feature of a software suite correlates to the overall Likeliness to Recommend
    • Importance is relative – low scores do not necessarily indicate the product is not important, just that it’s not as important as other features

    (Optional for clients with buyer reviews and key competitive reviews within target product category.)

    Optional: Feature importance vs. satisfaction

    Example: ERP “Vendor A” ratings and recommended key actions. Incorporate this analysis into your product concept if updating an existing solution. Have versions of the below run for specific competitors.

    Importance vs. Satisfaction map for Features, as shown on the previous slide, but with examples mapped onto it using a legend, purple squares are 'Enterprise Resource Planning' and green triangles are 'Vendor A'.

    Features in the “Fix” quadrant should be addressed in this GTM Strategy cycle.

    Features in the “Review” quadrant are low in both buyer satisfaction and importance, so vendors are wise to hold on further investments and instead focus on “Fix.”

    Features in the “Promote” quadrant are high in buyer importance and satisfaction, and should be called out in marketing and selling.

    Features in the “Maintain” quadrant are high in buyer satisfaction, but lower in importance than other features – maintain investments here.

    (Optional for clients with buyer reviews and key competitive reviews within target product category.)

    Optional: Capabilities importance vs. satisfaction

    Example: ERP “Vendor A” capabilities ratings and recommended key actions. Incorporate this analysis into your product concept for non-feature areas if updating an existing solution. Have versions of the below run for specific competitors.

    Importance vs. Satisfaction map for Capabilities with examples mapped onto it using a legend, purple squares are 'Enterprise Resource Planning' and green triangles are 'Vendor A'.

    Capabilities in the “Fix” quadrant should be addressed in this GTM Strategy cycle.

    Capabilities in the “Review” quadrant are low in both buyer satisfaction and importance, so vendors are wise to hold on further investments and instead focus on “Fix.”

    Capabilities in the “Promote” quadrant are high in buyer importance and satisfaction, and should be called out in marketing and selling.

    Capabilities in the “Maintain” quadrant are high in buyer satisfaction, but lower in importance than other features – maintain investments here.

    (Optional for clients with buyer reviews and key competitive reviews within target product category.)

    Develop a competitively differentiated value proposition

    Combining internal competitive knowledge with insights from buyer interviews and buyer reviews; establish which key features that will competitively differentiate your product when delivered

    Example bar chart for 'Competitive Differentiation, Parity and Gaps – Features and Capabilities' comparing ratings of 'Your Product' and 'Competitor A' with high buyer importance at the top, low at the bottom, and rankings of each 'Differentiator', 'Parity', and 'Gap'.

    • Identify what buyers need that will differentiate your product features and company capabilities from key competitors.
    • Determine which features and company capabilities, ideally lower in buyer importance, can achieve/maintain competitive parity.
    • Determine which features and company capabilities, ideally much lower in buyer importance, that can exist in a state of competitive gap.

    Step 1.7

    Select the Most Effective Routes to Market

    Activities
    • 1.7.1 Understand a framework for deciding how to approach evaluating each available channel including freemium/ecommerce, inside sales, field sales, and channel partner.
    • 1.7.2 Gather data that will inform option consideration.
    • 1.7.3 Apply to decision framework and present to key stakeholders for a decision.

    This step will provide processes to help you:

    • Understand the areas to consider when choosing a sales channel
    • Support your decision by making a specific channel recommendation

    This step involves the following participants:

    • Project workstream leads in Sales, Sales Operations, Product Marketing, and Customer Success

    Outcomes of this step

    • Clarity around channel choice for this specific go-to-market strategy cycle
    • Pros and cons of choices with rationale for selected channel

    Phase 1 - Formulate a hypothesis and run discovery on key fundamentals

    Step 1.1 Step 1.2 Step 1.3 Step 1.4 Step 1.5 Step 1.6 Step 1.7 Step 1.8

    Your “route-to-market” – channel strategy

    Capture buyer channel preferences in Step 1.3, and research alternatives using the following framework

    Inside vs. Field Sales – Selling software during COVID has taught us that you can successfully sell software using virtual conferencing tools, social media, the telephone, and even texting and webchat – so is the traditional model of field/territory-based sellers being replaced with inside/virtual sellers who can either work at home, or is there a benefit to being in the office with colleagues?

    Solutions vs. Individual Products – Do your buyers prefer to buy a complete solution from a channel partner or a solutions integrator that puts all the pieces together, and can handle training and servicing, for a more complete buyer solution?

    Channel Partner vs. Build Sales Force – Are there channel partners that, given your product is targeting a new buyer with whom you have no relationship, can leverage their existing relationships, quicken adoption of your products, and lower your cost of sales?

    Fully Digital – Is your application one where users can get started for free then upgrade with more advanced features without the use of a field or inside sales person? Do you possess the e-commerce platform to support this?

    While there are other considerations beyond the above to consider, decide which channel approach will work best for this GTM Strategy.

    Flowchart on how to capture 'Buyer Channel Preferences' with five possible outcomes: 'Freemium/e-commerce', 'Use specified channel partner', 'Establish channel partner', 'Use Inside Sales', and 'Use Field Sales'.

    Channel Partnerships are Expanding

    “One estimate is that for every dollar a firm spends on its SaaS platform, it spends four times that amount with systems integrators and other channel partners.

    And as technologies are embedded inside other products, services, and solutions, effective selling requires more partners.

    Salesforce, for example, is recruiting thousands of new partners, while Microsoft is reportedly adding over 7,000 partners each month.” (HBR, 2021)

    Step 1.8

    Craft an Initial GTM Strategy Presentation for Executive Review and Status Check

    Activities
    • 1.8.1 Finalize the set of slides within the Go-to-Market Strategy Presentation that best illustrates the many key findings and recommended decisions that have been made during the Explore phase of the GTM Strategy.
      • Test whether all key deliverables have been created, especially those that must be in place in order to support future phases and steps.
      • Schedule a Steering Committee meeting and present your findings with the goal to gain support to proceed to the Design phase of GTM Strategy.

    This step will provide processes to help you:

    • Work with your colleagues to consolidate the findings from Phase 1 of the GTM Strategy
    • Create a slide deck with your colleagues for presentation to the Steering Committee to gain approvals to proceed to Phase 2

    This step involves the following participants:

    • Project workstream leads in Sales, Sales Operations, Product Marketing, and Customer Success
    • Steering Committee

    Outcomes of this step

    • Slide deck to present to the Steering Committee
    • Approvals to move to Phase 2 of the GTM Strategy

    Phase 1 - Formulate a hypothesis and run discovery on key fundamentals

    Step 1.1 Step 1.2 Step 1.3 Step 1.4 Step 1.5 Step 1.6 Step 1.7 Step 1.8

    1.8.1 Build your GTM Strategy deck for Steering Committee approval

    1. As you near completion of the Go-to-Market Strategy Phase, Explore Step, an important test to pass before proceeding to the Design step of GTM Strategy, is to answer several key questions:
      1. Have you properly sized the market opportunity for the focus of this GTM cycle?
      2. Have you defined a unique value proposition of what buyers are looking for?
      3. And have you aligned stakeholders on the target customer persona and flushed out an accurate buyer journey?
    2. If the answer is “no” you need to return to these steps and ensure completion.
    3. Pull together a summary review deck, schedule a meeting with the Steering Committee, present to-date findings for approval to move on to Phase 2.

    Download the Go-to-Market Strategy Presentation Template

    Sample of the 'PLAN' section of the GTM Strategy optimization diagram with 'GTM Explore Review' circled in red.

    The presentation you create contains:

    • Team composition and roles and responsibilities
    • Steps in overall process
    • Goals and objectives
    • Timelines and work plan
    • Initial product and launch concept
    • Buyer persona and journey
    • Competitive differentiation
    • Channel strategy

    Build a More Effective Go-to-Market Strategy

    Phase 2

    Design your initial product and business case

    Phase 1

    1.1 Select Steering Cmte/team, build aligned vision for GTM

    1.2 Buyer personas, journey, initial messaging

    1.3 Build initial product hypothesis

    1.4 Size market opportunity

    1.5 Outline digital/tech requirements

    1.6 Competitive SWOT

    1.7 Select routes to market

    1.8 Craft GTM Strategy deck

    Phase 2

    2.1 Brand consistency check

    2.2 Formulate packaging and pricing

    2.3 Craft buyer-valid product concept

    2.4 Build campaign plan and targets

    2.5 Develop cost budgets across all areas

    2.6 Draft product business case

    2.7 Update GTM Strategy deck

    Phase 3

    3.1 Assess tech/tools support for all GTM phases

    3.2 Outline sales enablement and Customer Success plan

    3.3 Build awareness plan

    3.4 Finalize business case

    3.5 Final GTM Plan deck

    This phase will walk you through the following activities:

    • Branding consistency check
    • Formulate packaging and pricing
    • Craft buyer-validated product concept
    • Build initial campaign plan and targets
    • Develop budgets for creative, content, and media purchases
    • Draft product business case
    • Update GTM Strategy deck

    This phase involves the following stakeholders:

    • Steering Committee
    • Working group leaders

    To complete this phase, you will need:

    Go-to-Market Strategy Presentation TemplateGo-to-Market Strategy RACI and Launch Checklist WorkbookBuyer Persona and Journey blueprintGo-to-Market Strategy Cost Budget and Revenue Forecast Workbook
    Sample of the Go-to-Market Strategy Presentation Template deliverable.Sample of the Go-to-Market Strategy RACI and Launch Checklist Workbook deliverable.Sample of the Buyer Persona and Journey blueprint deliverable.Sample of the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook deliverable.
    Use the Go-to-Market Strategy Presentation Template to document the results from the following activities:
    • Documenting your GTM strategy stakeholders
    • Documenting your GTM strategy working team
    Use the Go-to-Market Strategy RACI and Launch Checklist Workbook to:
    • Review the scope of roles and responsibilities required
    • Document the roles and responsibilities of your teams
    Use the Buyer Persona and Journey blueprint to:
    • Interview sales and customers/prospects to inform product concepts, understand persona and later, flesh out buyer journeys
    Use the Go-to-Market Cost Budget and Revenue Forecast Workbook to:
    • Tally budgets from across key functions involved in GTM Strategy
    • Compare with forecasted revenues to assess gross margins

    Step 2.1

    Compare Emerging Messaging and Positioning With Existing Brand for Consistency

    Activities

    Share messaging documented with the buyer journey with branding/creative and/or Marketing VP/CMO to ensure consistency with overall corporate messaging. Use the “Brand Diagnostic” on the following slide as a quick check.

    For those marketers that see the need for a re-brand, please:
    Download the Go-to-Market Strategy Presentation Template

    Later during the Build phase of GTM, marketing assets, digital platforms, sales enablement, and sales training will be created where actual messaging can be written with brand guidelines aligned.

    This step is to assess whether you we need to budget extra funds for any rebranding.

    This step will walk you through the following activities:

    • After completing the buyer journey and identifying messaging, test with branding/CMO that new messaging aligns with current:
      • Company positioning
      • Messaging
      • Brand imagery

    This step involves the following participants:

    • Project lead
    • Product marketing
    • Branding/creative
    • CMO

    Outcomes of this step

    • Check – Y/N on brand alignment
    • Adjustments made to current branding or new product messaging to gain alignment

    Phase 2 – Validate designs with buyers and solidify product business case

    Step 2.1 Step 2.2 Step 2.3 Step 2.4 Step 2.5 Step 2.6 Step 2.7

    Brand identity

    Re-think tossing a new product into the same old marketing engine. Ask if your branding today and on this new offering needs help.

    If you answer “no” to any of the following questions, you may need to re-think your brand. Does your brand:

    • recognize buyer pain points and convey clear pain-relief?
    • convey unique value that is clearly distanced from key competitors?
    • resonate with how target personas see themselves (e.g. rebellious, intelligent, playful, wise, etc.) and convey the “feeling” (e.g. relief, security, confidence, inspiration, etc.) buyers seek?
    • offer proof points via customer testimonials (vs. claimed value)?
    • tell a truly customer-centric story that is all about them (vs. what you want them to know about you)?
    • use words (e.g. quality, speed, great service, etc.) that equate to how buyers actually see you? Is your tone of voice going to resonate with your target buyer?
    • present in a clean, simple, and truly unique way? And will your brand identity stand the test of time?
    • represent feedback gleaned from prospects as well as customers?

    “Nailing an impactful brand identity is a critical part of Growth Marketing.

    Without a well-crafted and maintained brand identity, your marketing will always feel flat and one-dimensional.” (Lean Labs, 2021)

    Step 2.2

    Formulate Packaging and Pricing

    Activities
    • 2.2.1 Leverage what was learned in Phase 1 from buyer interviews to create an initial packaging and initial pricing approach.
      • Packaging success is driven by knowing what the buyer values are, how newly proposed functionality may work with other applications, and how well the buyer(s) work in teams.
      • Develop pricing using cost-plus, value/ROI, and competitive/market pricing comparisons.

    This step will walk you through the following activities:

    • Approaches to establishing price points for software products
    • Checking if pricing supports emerging product revenue plan

    This step involves the following participants:

    • Project lead
    • Product Marketing
    • Product Management
    • Pricing (if a function)

    Outcomes of this step

    • Pricing that is validated through buyer interviews and consistent with overall company pricing guardrails
    • Packaging that can be delivered

    Phase 2 – Validate designs with buyers and solidify product business case

    Step 2.1 Step 2.2 Step 2.3 Step 2.4 Step 2.5 Step 2.6 Step 2.7

    2.2.1 Formulate packaging and pricing

    Goal: Incorporate buyer benefits into your MVP that delivers the buyer value that compels them to purchase and drives the business case

    1. Leverage findings from buyer interviews and feature prioritization found in Step 1.3 to arrive at initial feature inclusion.
    2. Leverage feedback from customer interviews and competitive pricing analysis to arrive at an initial target price offer.
    3. Go to the Go-to-Market Strategy Presentation and use the slides labeled “Go-to-Market Strategy, Overall Project Plan.”

    Download the Go-to-Market Strategy Presentation Template

    Refer to the findings from buyer persona interviews

    Sample of the Buyer Persona and Journey blueprint deliverable.

    Step 2.3

    Build a Buyer-Validated Product Concept

    Activities
    • 2.2.1 Add to your initial product concept from Phase 1, the pricing and packaging approach.
      • Take the concept out to buyers to get their feedback – not on UX design, that will come later, but to ensure the value is clear to the buyers, and to raise confidence in the product concept.
      • As with previous customer and prospect interviews, use the Buyer Persona and Journey blueprint with its accompanying interview guide and focus on the product related questions.
      • Generate your slides to present and discuss with buyers, capture feedback, and refine the product concept.

    This step will walk you through the following activities:

    • Hold buyer interviews to review the product design
    • Validate concept and commercial variables – not UX design, that comes later

    This step involves the following participants:

    • Project lead
    • Product Marketing
    • Product Management

    Outcomes of this step

    • Customer validated product concept that meets the business plan

    Phase 2 – Validate designs with buyers and solidify product business case

    Step 2.1 Step 2.2 Step 2.3 Step 2.4 Step 2.5 Step 2.6 Step 2.7

    2.3.1 The best new product hypothesis doesn’t always come from your best customers

    Goal: Validate your product concept and business case

    1. Key areas to validate during product concept feedback:
      1. Feature/capability-build priorities – Which set of features and capabilities (i.e. service model, etc.) must be delivered in a minimum viable product (MVP) that delivers unique and competitively differentiating buyer value so we have win rates that support the business case?
      2. Packaging/Pricing – Are their features/capabilities that are not in base offering but offered as add-ons or not at all? Are their different packaging options that must be delivered given different customer segments and appropriate price points? (E.g. a small- to-medium sized business (SMB) version, Freemium, or Basic vs. Premium offerings?
      3. Routes to Market/Channel – Ensure you validate your channel strategy as work/effort will be needed to arrive at channel sales and marketing enablement.

    Download the Go-to-Market Strategy Presentation Template

    “Innovation opportunities almost always come from understanding a company’s worst customers or customers it doesn’t serve” (Harvard Business School Press, 1997)

    2.3.2 How your prospects buy will inform upcoming campaign design

    Goal: During product validation interviews, further validate the buyer journey to identify asset types to be created/sourced for launch campaign design

    1. Leverage findings from buyer interviews with a focus on buyer journey questions/answers found in Step 1.3 and further validated during product concept feedback in step 2.3.
    2. Your goal is to uncover the following key areas (see next slide for illustration):
      1. Validate the steps buyers take throughout the buyer journey – when you validate buyer steps and what the buyer is doing and thinking as they make a buying decision determines if you are supporting the right process.
      2. Validate the human vs. non-human/digital interaction type for each step – this determines whether your lead gen engine or your salesforce (or channel partner) will deliver the marketing assets and sales collateral.
      3. Describe the asset-types most valued by buyers during each step – this will provide the guidance your demand gen/field marketers need to either work with product marketing and creative to design and build, or source the right marketing asset and sales collateral for your lead gen engine and to support sales enablement.
      4. Identify which channels – this will give your digital team the guidance they need to design the “where” to place the assets within your lead gen engine. Feedback from customer interviews and competitive pricing analysis to arrive at an initial target price for offering is shown on the next slide.
    3. Use the Go-to-Market Strategy Presentation to complete the buyer journey slide with key findings.

    Download the Go-to-Market Strategy Presentation Template

    Refer to the findings from buyer persona interviews

    Sample of the Buyer Persona and Journey blueprint deliverable.

    Answers you need to map buyer journey

    Your buyer interviews – whether during earlier steps or here during product concept validation – will give specific answers to all areas in green text below. Understanding channels, asset-types, and crafting your key messaging are essential for next steps.

    Table outlining an example buyer's journey with fields in green text that are to be to replaced with answers from your buyer interviews.

    Step 2.4

    Build Your Initial Campaign Plan and Targets

    Activities
    • 2.4.1. While product management and marketing is working on the business case, the campaign team is designing their launch campaign.
    • Expand from the product concept and build out the entire launch campaign identifying dates, CTA’s, channels, and asset types needed that will be built during the Build phase.

    This step will walk you through the following activities:

    • Outline deployment plan of activities and outcomes
    • Draw up specs for needed assets, web-page changes, emails, target segments, and targets for leads generated

    This step involves the following participants:

    • Project lead
    • Field Marketing
    • Product Marketing

    Outcomes of this step

    • The initial draft of the campaign plan that outlines multichannel activities, dates, and assets that need to be sourced and/or created

    Phase 2 – Validate designs with buyers and solidify product business case

    Step 2.1 Step 2.2 Step 2.3 Step 2.4 Step 2.5 Step 2.6 Step 2.7

    2.4.1 Document your campaign plan

    2 hours

    On the following Awareness and Lead Gen Engine slide:
    1. Tailor the slide to describe your lead generation engine as you will use it when you get to latter steps to describe the activities in your lead gen engine and weigh them for go-to-market strategy.
    2. Use the template to see what makes up a typical lead gen and awareness building engine to see what you may be missing, as well as to record your current engine “parts.”
      • Note: The “Goal” image in upper right is meant as a reminder that marketers should establish a goal for Sales Qualified Leads (SQL’s) delivered to field sales for each campaign.

    On the Product and Launch Concept slides:

    1. Update the slides with findings from 2.3 and 2.4.

    Download the Go-to-Market Strategy Presentation Template

    “Only 32% of marketers – and 29% of B2B marketers – said the process of planning campaigns went very well. Just over half were sure they had selected the right business goal for a given marketing project and only 42% were confident they identified the right audience – which is, of course, a critical determinant for achieving success.” (MIT Sloan Management Review)

    Launch campaign

    Our Goal for [Campaign name] is to generate X SQL’s

    Flowchart of the steps to take when a campaign is launched, from 'Organic Website Visits' and 'Go Live' to future 'Sales Opportunities'. A key is present to decipher various icons.

    Awareness

    PR/EXTERNAL COMMS:

    Promote release in line with company story

    • [Executive Name] interview with [Publication Y] on [Launch Topic X] – Mo./Day
    • Press Release on new enhancements – Mo./Day
    • [Executive Name] interview with [Publication Z] on [Launch Topic X] – Mo./Day
    ANALYST RELATIONS:

    Receive analyst feedback pre-launch and brief with final releases messaging/positioning

    • Inquiry with [Key Analysts] on [Launch Topic X] – Mo./Day, pre launch
    • Press Release shared on new enhancements – Launch day minus two days
    • Analyst briefing with [Key Analysts] on [Launch Topic X] – Launch day minus two days

    Download the Go-to-Market Strategy Presentation Template

    2.4.2 Campaign targets

    Goal: Establish a Marketing-Influenced Win target that will be achieved for this launch

    We advise setting a target for the launch campaign. Here is a suggested approach:
    1. Understand what % of all sales wins are touched by marketing either through first or last touch attribution. This is the % of Marketing-Influenced Wins (MIWs).
    2. Determine what sales wins are needed to attain product revenue targets for this launch.
    3. Apply the actual company MIW % to the number of deals that must be closed to achieve target product launch revenues. This becomes the MIW target for this launch campaign.
    4. Then, using your average marketing funnel conversion rates working backwards from MIWs to Opportunities, Sales Accepted Leads (SALs), Sales Qualified Leads (SQLs), Marketing Qualified Leads (MQLs), up to website visits.
    5. Update the slides with findings from 2.3 and 2.4.

    Download the Go-to-Market Strategy Presentation Template

    “Marketing should quantify its contribution to the business. One metric many clients have found valuable is Marketing Influenced Wins (MIW). Measured by what % of sales wins had a last-touch marketing attribution, marketers in the 30% – 40% MIW range are performing well.” (SoftwareReviews Advisory Research)

    Step 2.5

    Develop Initial Budgets Across All Areas

    Activities
    • 2.5.1 Use the Go-to-Market Budget Workbook and work with your workstream leads.
      • Capture the costs associated with this GTM Strategy and Launch.
      • Summarize your GTM budget in the Go-to-Market Strategy Presentation, including the details behind the gross margin calculation for your GTM Strategy/campaign if required.

    This step will walk you through the following activities:

    • Field marketing, product marketing, creative, others to identify the specific budget elements needed for this campaign/launch

    This step involves the following participants:

    • Project lead
    • Field Marketing
    • Product Marketing
    • Branding/creative

    Outcomes of this step

    • The initial marketing budget for this campaign/launch

    Phase 2 – Validate designs with buyers and solidify product business case

    Step 2.1 Step 2.2 Step 2.3 Step 2.4 Step 2.5 Step 2.6 Step 2.7

    Download the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

    2.5.1 Develop your GTM Strategy/product launch campaign budget

    Goal: Work with your workstream leads to identify all incremental costs associated with this GTM strategy and product launch

    1. Use the Go-to-Market Budget Workbook and adjust to include the areas that are identified by your workstream leads as being applicable to this GTM Strategy and Launch.
      • These should be incremental costs to normal operating and capital budgets and those areas that are fully approved for inclusion by your Steering Committee/Sponsoring Executive.
    2. Begin to Catalog all applicable costs to include all key areas such as:
      • Technology costs for internal use (typically from Marketing Ops), and “core” to product technology costs working with the product team
      • Channel marketing programs, agency (e.g. branding, naming, web design, SEO, content marketing, etc.), T&E, paid media, events, marketing assets, etc.
    3. Note that in the Align Step – Step 3, you will see your workstream leads each develop their individual contributions to both the launch plan as well a budget.

    4. Summarize your initial GTM budget findings in the Go-to-Market Strategy Presentation, including the details behind the gross margin calculation for your GTM Strategy/campaign if required. Again, you will flush out the final costs within each workstream areas in Phase 3, ”Align.”

    Download the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

    Download the Go-to-Market Strategy Presentation Template

    Step 2.6

    Draft Initial Product Business Case

    Activities
    • 2.6.1 Here’s where you begin to pull together all the essential elements of your final business case.
      • For many organizations that require a view of return on investment, you will begin here to shape the key elements that your organization requires for a complete business case to go ahead with the needed investments.
      • The goal is to compare estimated costs to estimated revenues to ensure acceptable margins will be delivered for this GTM strategy/product launch.
      • The culmination of work to get to this calculation will continue through Phase 3; however, the following slide illustrates the kind of visualization that will be possible with our approach.

    This step will walk you through the following activities:

    • A product revenue forecast is created, alignment with sales/sales targets is created for a minimum viable product (MVP) that meets the buyer’s needs at the price point established/validated

    This step involves the following participants:

    • Project lead
    • Product management
    • Product marketing
    • Sales leadership

    Outcomes of this step

    • The important measures of:
      • Product revenue forecast
      • Supported MVP features

    Phase 2 – Validate designs with buyers and solidify product business case

    Step 2.1 Step 2.2 Step 2.3 Step 2.4 Step 2.5 Step 2.6 Step 2.7

    Gross Margin Estimates – part of a complete product business case

    Your goal: Earn more than you spend! This projection of estimated gross margins should be part of your product launch business case. The GTM initiative lead and workstream leads are charged with estimating incremental costs, and product and sales must work together on the revenue forecast.

    Net Return

    We estimate our 12 month gross profit to be ….

    Quarterly Revenues

    Based on sales forecast, our quarterly/monthly revenues are ….

    Estimated Expenses

    Incremental up-front costs are expected to be ….

    Example 'P&L waterfall for Product X Launch' with notes. Green bars are 'Increase', red bars are 'Decrease', and blue bars are 'Total'. Red bar note: 'Your estimated incremental up-front costs', Green bar note: 'Your estimated net incremental revenues vs. costs', Blue bar note: 'Your estimated net gross profit for this product launch and campaign', 'END' note: 'Extend for suitable period'.

    2.6.1 Develop your initial product business case

    Goal: Focused on the Product Concept areas related to product Market Fit, Buyer Needs and Market Opportunity, Product Managers will summarize in order to gain approval for Build

    1. Using the Go-to-Market Strategy Presentation, product managers should ensure the product concept slide(s) support the rationale to move to Build phase. Key areas include:
      1. Adequate market opportunity size – that is worth the incremental investment
      2. Acceptable costs/investment to pursue the opportunity – design, creative services for branding, web design, product naming, asset creation, copywriting, translation services not available in-house
      3. Well-defined product market fit – review buyer interviews that identify buyer pain points and ideas that will deliver needed business value
      4. Buyer-validated commercials – buyer-validated pricing and packaging
      5. Product development budget and staffing support to build viable MVP & beyond roadmap – development budget and staffing is in place/budgeted to deliver MVP by target date and continue to ensure attainment of product revenue targets
      6. Unique product value proposition that is competitively differentiated – to drive acceptable win rates
      7. Product Sales Forecast – that when compared to costs meets company investment hurdle rates
      8. Sales Leadership support for achieving sales forecast and supported sales/channel resourcing plan – sales leadership has taken on forecasted revenues as an incremental sales quota and has budget for additional hiring, enablement, and training for attainment.
    2. Go to the Go-to-Market Strategy Presentation and complete the slides summarizing these key areas that support the business case for the next phases of Build and Launch.

    Product Business Case Checklist:

    • Acceptably large enough product market opportunity
    • Well-defined competitive differentiation
    • Buyer-validated product-market fit
    • Buyer-validated and competitive commercials (i.e. pricing, packaging)
    • An MVP with roadmap that aligns to buyer needs and buyer-validated price points
    • A 24–36 month sales forecast with CRO sign-up and support for attainment
    • Costs of launch vs. forecasted revenues to gauge gross margins

    Download the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

    Download the Go-to-Market Strategy Presentation Template

    Step 2.7

    Update the GTM Strategy Presentation Deck for Executive Review and Sign-off

    Activities
    • 2.7.1 Update the deck with Phase 2 findings culminating in the business case.

    This step will walk you through the following activities:

    • Drop into the GTM Strategy deck the summary findings from the team’s work
    • Write an executive summary that garners executive support for needed funds, signed-up-for sales targets, agreed upon launch timing
    • Steering Committee alignment on above and next steps

    This step involves the following participants:

    • Project lead
    • Steering Committee
    • Workstream leads

    Outcomes of this step

    • Executive support for the GTM Strategy plan and approval to proceed to Phase 3

    Phase 2 – Validate designs with buyers and solidify product business case

    Step 2.1 Step 2.2 Step 2.3 Step 2.4 Step 2.5 Step 2.6 Step 2.7

    2.7.1 Update your GTM Strategy deck for Design Steering Committee approval

    1. As you near completion of the Go-to-Market Strategy Phase – Design Step, while your emerging business case is important, it will be finalized in the Align Step.
    2. An important test to pass before proceeding to the Align step of the GTM Strategy, is to answer several key questions:
      1. Have you validated the product value proposition with buyers?
      2. Is the competitive differentiation clear for this offering?
      3. Did Sales support the business case by signing up for the incremental quota?
      4. Has product defined an MVP that aligns with the buyer value needed to drive purchases?
      • If the answer is “no” you need to return to these steps and ensure completion
    3. Pull together a summary review deck, schedule a meeting with the Steering Committee, and present to-date findings for approval to move onto Phase 3.

    Download the Go-to-Market Strategy Presentation Template

    Sample of the 'PLAN' section of the GTM Strategy optimization diagram with 'GTM Design Review' circled in red.

    The presentation you create contains:

    • Timelines and a work plan
    • Expanded product concept to include your packaging and pricing approach
    • Feedback from buyers on validated product concept especially commercial elements
    • Expanded campaign plan and marketing budget
    • Initial product business case

    Build a More Effective Go-to-Market Strategy

    Phase 3

    Align stakeholder plans to prep for build

    Phase 1

    1.1 Select Steering Cmte/team, build aligned vision for GTM

    1.2 Buyer personas, journey, initial messaging

    1.3 Build initial product hypothesis

    1.4 Size market opportunity

    1.5 Outline digital/tech requirements

    1.6 Competitive SWOT

    1.7 Select routes to market

    1.8 Craft GTM Strategy deck

    Phase 2

    2.1 Brand consistency check

    2.2 Formulate packaging and pricing

    2.3 Craft buyer-valid product concept

    2.4 Build campaign plan and targets

    2.5 Develop cost budgets across all areas

    2.6 Draft product business case

    2.7 Update GTM Strategy deck

    Phase 3

    3.1 Assess tech/tools support for all GTM phases

    3.2 Outline sales enablement and Customer Success plan

    3.3 Build awareness plan

    3.4 Finalize business case

    3.5 Final GTM Plan deck

    This phase will walk you through the following activities:

    1. Assess tech/tools support for all GTM phases
    2. Map lead generation plan
    3. Outline Customer Success plan
    4. Build awareness plan (PR/AR, etc.)
    5. Finalize product business case
    6. Final GTM planning deck and Steering Committee review

    This phase involves the following stakeholders:

    • Steering Committee
    • Working group leaders

    To complete this phase, you will need:

    Go-to-Market Strategy Presentation Template Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook
    Sample of the Go-to-Market Strategy Presentation Template deliverable. Sample of the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook deliverable.
    Use the Go-to-Market Strategy Presentation Template to document the results from the following activities:
    • Documenting your GTM Strategy Stakeholders
    • Documenting your GTM Strategy Working Team
    Use the Go-to-Market Cost Budget and Revenue Forecast Workbook to:
    • Tally budgets from across key functions involved in the GTM Strategy
    • Compare with forecasted revenues to assess gross margins

    Step 3.1

    Assess Technology and Tools Support for Your GTM Strategy as Well as Future Phases of GTM

    Activities
    • 3.1.1 Have Marketing Operations document what tech stack improvements are required in order to get the team to a successful launch. Understand costs and implementation timelines and work it into the Go-to-Market Budget Workbook.

    This step will walk you through the following activities:

    • After completing your initial survey in Step 1, complete requirements building for needed technology and tools acquisition/upgrade in campaign management, sales opportunity management, and analytics.

    This step involves the following participants:

    • Project lead
    • Marketing operations/digital
    • IT

    Outcomes of this step

    • Build a business requirement against which to evaluate new/upgraded vendor tools to support the entire GTM process

    Phase 3 – Align functional plans with a compelling business case for product build

    Step 3.1 Step 3.2 Step 3.3 Step 3.4 Step 3.5

    3.1.1 Technology plan and investments

    Goal: Outline the results of our analysis and Info-Tech analyst guidance regarding supporting systems, tools, and technologies to support our go-to-market strategy

    1. Plans, timings, and incremental costs related to, but not limited to, the following apps/tools/technologies:
      1. Lead management/Marketing automation
      2. Marketing analytics
      3. Sales Opportunity Management System (OMS) and Configure, Price, and Quote (CPQ) applications
      4. Sales engagement
      5. Sales analytics
      6. Customer service and support/Customer interaction hub
      7. Customer data management and analytics
      8. Customer experience platforms
      9. Marketing content management
      10. Creative tools
      11. Share of voice and social platform management
      12. Etc.
    2. Go to the Go-to-Market Budget Workbook and complete by adding costs identified in above areas that are specific to this go-to-market strategy, Build, and Launch initiative. Record in the Go-to-Market Strategy Presentation completing the areas within the slides related to the Product and Launch Concepts and Business Case.

    Download the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

    Download the Go-to-Market Strategy Presentation Template

    Step 3.2

    Outline Sales Enablement and Support for Customer Success to Include Onboarding and Ongoing Engagement

    Activities
    • 3.3.1 Sales Enablement – develop the sales enablement and training plan for Launch to include activities, responsible parties, dates for delivery, etc.

    This step will walk you through the following activities:

    • Finalize the customer success training and support plan
    • Onboarding scripts
    • Changes to help screens in application
    • Timing to plan for Quality Acceptance

    This step involves the following participants:

    • Project lead
    • Customer Success lead
    • Product management
    • Product marketing

    Outcomes of this step

    • Plan for creation of copy, assets, and rollout pan to support clients and client segments for Launch

    Phase 3 – Align functional plans with a compelling business case for product build

    Step 3.1 Step 3.2 Step 3.3 Step 3.4 Step 3.5

    3.2.1 Outline sales enablement

    Goal: Outline sales collateral, updates to sales proposals, CPQ, Opportunity Management Systems, and sales training

    1. Describe the requirements for sales enablement to include elements such as:
      1. Sales collateral
      2. Client-facing presentations
      3. Sales proposal updates
      4. Updates to Configure, Price, and Quote (CPQ) applications
      5. Updates to Opportunity Management System (OMS) applications
      6. Sales demo versions of the new product
      7. Sales communication plans
      8. Sales training and certification programs
    2. Go to the Go-to-Market Budget Workbook and add the costs identified in above areas that are specific to this go-to-market strategy, Build, and Launch initiative. Record as well in the Go-to-Market Strategy Presentation completing the areas within the slides related to the Product and Launch Concepts and Business Case.

    Download the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

    Download the Go-to-Market Strategy Presentation Template

    3.2.2 Outline customer success

    Goal: Outline customer support/success requirements and plan

    1. Plans, timings, and incremental costs for the following:
      1. Onboarding scripts for the new solution
      2. Updates to retention lifecycle
      3. FAQ answers
      4. Updates to online help/support system
      5. “How-to” videos
      6. Live chat updates
      7. Updates to “provide feedback” system
      8. Updates to Quarterly Business Review slides
    2. Go to the Go-to-Market Budget Workbook and add the costs identified in above areas that are specific to this go-to-market strategy, Build, and Launch initiative. Record in the Go-to-Market Strategy Presentation and complete the areas within the slides related to the Product and Launch Concepts and Business Case.

    Download the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

    Download the Go-to-Market Strategy Presentation Template

    Step 3.3

    Build an Awareness Plan Covering Media, Social Media, and Industry Analysts

    Activities
    • 3.4.1 Corp Comms/PR/AR – develop the overall awareness plans for executive interviews, articles placed, social drops, analyst briefing dates, and internal associate comms if required.

    This step will walk you through the following activities:

    • Outline outbound communications plans including press releases, social posts, etc.
    • Describe dates for AR outreach to covering analysts
    • Develop the internal communications plan

    This step involves the following participants:

    • Project lead
    • Corporate Comms lead
    • Creative
    • Analyst relations
    • Social media marketing lead

    Outcomes of this step

    • Plan for creation of copy, assets, and rollout pan to support awareness building, external communications, and internal communications if required

    Phase 3 – Align functional plans with a compelling business case for product build

    Step 3.1 Step 3.2 Step 3.3 Step 3.4 Step 3.5

    3.3.1 Internal communications plan

    Goal: Outline complete internal communications plan. For large-scale changes (i.e. rebranding, M&A, etc.) HR may drive significant volume of employee communications working with Corporate Comms

    1. Plans, timings, and incremental costs for the following:
      1. Complete a comms plan with dates, messages, and channels
      2. Team member roles and responsibilities
      3. Intranet article and posting schedules
      4. Creation of new office signage, merchandise, etc. for employee kits
      5. Pre-launch announcements schedule
      6. Launch day communications, events, and activities
      7. Post launch update schedule and messages for launch success
      8. Incremental staffing and resources/budget requirements
    2. Go to the Go-to-Market Budget Workbook and add costs identified in above areas that are specific to this go-to-market strategy, Build, and Launch initiative. Record as well in the Go-to-Market Strategy Presentation completing the areas related to the Product and Launch Concepts and Business Case.

    Download the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

    Download the Go-to-Market Strategy Presentation Template

    3.3.2 PR and External Communications Plan

    Goal: Outline complete internal communications plan. For large scale changes (i.e. rebranding, M&A, etc.) HR may drive significant volume of employee communications working with Corporate Comms

    1. Plans, timings, and incremental costs for the following:
      1. List of Tier 1 and Tier 2 media authors covering the [product/initiative] market area
      2. Schedule of launch briefings, with any non-analyst influencers
      3. Timing of press releases
      4. Required supporting executives and stakeholders for each of the above meetings
      5. Slide deck/media kit for the above and planned questions to support needed feedback
      6. Media Site materials especially to support media questions and requests for briefings
      7. Social postings calendar of activities and key messages plan
      8. Publish data of [product/initiative] relevant articles with set-back schedules
      9. Cultivation of reference customers and client testimonials for media outreach
      10. Requirements for additional staffing to cover product/initiative new market and analysts
      11. Internal and external events calendar to invite media
    2. Go to the Go-to-Market Budget Workbook and add the costs identified in the above areas that are specific to this go-to-market strategy, Build, and Launch initiative. Record in the Go-to-Market Strategy Presentation by completing the areas related to the Product and Launch Concepts and Business Case.

    Download the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

    Download the Go-to-Market Strategy Presentation Template

    3.3.3 Analyst relations plan

    Goal: Outline incremental costs in analyst communications, engagement, and access to research

    1. Plans, timings, and incremental costs for the following:
      1. List of Tier 1 and Tier 2 analysts for the [product/initiative] market area
      2. Schedule of inquiries, pre-launch briefings, launch briefings, and post-launch feedback
      3. Required supporting executives and stakeholders for each of the above meetings
      4. Analyst deck for each of the above and planned questions to support needed feedback
      5. Analyst Site materials to support 2nd and 3rd Tier analysts’ questions and requests for briefings
      6. Social postings calendar of activities and key messages
      7. Resources to respond to analyst blogs and/or social posts regarding your product/initiative area
      8. Timing of important and relevant analyst document/methodology publishing dates with set-back schedules
      9. Cultivation of reference customers and client testimonials to coincide with analyst outreach for research and for buyer review sites/reviews data gathering
      10. Requirements for additional staffing to cover product/initiative new market and analysts
      11. Events calendar where analysts will be presenting on this product/initiative market
    2. Go to the Go-to-Market Budget Workbook and add the costs identified in the above areas that are specific to this go-to-market strategy, Build and Launch initiative. Record in the Go-to-Market Strategy Presentation by completing the areas related to the Product and Launch Concepts and Business Case.

    Download the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

    Download the Go-to-Market Strategy Presentation Template

    Step 3.4

    Finalize Product Business Case With Collaborative Input From Product, Sales, and Marketing

    Activities
    • 3.5.1 Convene the team to align sales, marketing, and product around the business case.

    This step will walk you through the following activities:

    • Refine the product business case initiated in Phase 2
    • Align product revenue forecast with sales revenue forecast
    • Align MVP features to be developed during “GTM – Build” with customer validated product-market fit

    This step involves the following participants:

    • Project lead
    • Product management
    • Product marketing

    Outcomes of this step

    • Product business case

    Phase 3 – Align functional plans with a compelling business case for product build

    Step 3.1 Step 3.2 Step 3.3 Step 3.4 Step 3.5

    3.4.1 Final product Build and Launch business case

    Goal: Beyond the product business case, factor in costs for technology, campaigning, sales enablement, and customer success in order to gain approval for Build and Launch

    1. Using the Go-to-Market Strategy Presentation, workstream leads and Go-to-Market Initiative leaders will finalize the anticipated incremental costs, and when compared to projected product revenues, present to the Steering Committee including CFO for final approval before moving to Build and Launch.
    2. To present a complete business case, key cost areas include:
      1. All the areas outlined up through Step 3.4 plus:
      2. Technology/MarTech Stack incremental costs
      3. Channel programs, branding/agency, pricing, packaging/product, and T&E incremental costs
      4. Campaign related – creative, content marketing, paid media, events, SEO, lists/data
      5. Sales Enablement, Customer Support/Success incremental costs
      6. Internal communications/events/activities/signage costs
      7. PR/AR/Media incremental costs
    3. Compare to final Sales/Product agreed projected revenues, in order to calculate estimated gross margins

    Go to the Go-to-Market Budget Workbook as outlined in prior steps and document final incremental costs and projected revenues and summarize within the Go-to-Market Strategy Presentation.

    Download the Go-to-Market Strategy Cost Budget and Revenue Forecast Workbook

    Download the Go-to-Market Strategy Presentation Template

    Product Build and Launch Business Case Checklist:

    • Acceptably large enough product market opportunity
    • Well-defined competitive differentiation
    • Buyer-validated product-market fit
    • Buyer-validated and competitive commercials (i.e. pricing, packaging)
    • An MVP with roadmap that aligns with buyer needs and buyer validated price points
    • A 24–36 month sales forecast with CRO sign-up and support for attainment
    • Incremental product development, tech, marketing, sales, customer success, AR/PR costs vs. forecasted revenues fall within acceptable margins

    Step 3.5

    Develop Your Final Executive Presentation to Request Approval and Proceed to GTM Build Phase

    Activities
    • 3.6.1 Update the Product, Launch, Journey, and Business Case slides included within the Go-to-Market Strategy Presentation Template with Phase 3 findings culminating in the business case.

    This step will walk you through the following activities:

    • Update the previously created slides with findings from Phase 3
    • Hold a Steering Committee meeting and present findings for approval

    This step involves the following participants:

    • Steering Committee
    • Workstream leads

    Outcomes of this step

    • GTM Strategy approved to move to GTM Build

    Phase 3 – Align functional plans with a compelling business case for product build

    Step 3.1 Step 3.2 Step 3.3 Step 3.4 Step 3.5

    3.5.1 Update your GTM Strategy deck for Align Steering Committee approval

    1. As you near completion of the Go-to-Market Strategy Phase – Align Step, an important test to pass before proceeding to the Design step of GTM Strategy, is to answer several key questions:
      1. Are Sales, Product, and Marketing all aligned and in agreement on the business case?
      2. Are the gross margin calculations acceptable to the Steering Committee? CFO? CEO?
    2. If the answer is “no” you need to return to prior steps and ensure completion.
    3. Pull together a summary review deck, schedule a meeting with the Steering Committee, present to-date findings for approval to move on to Build Phase.
    4. Once your final business case is accepted, you are ready to move on to the GTM Build and Launch phases. These phases are covered in sperate SoftwareReviews blueprints.

    Download the Go-to-Market Strategy Presentation Template

    Sample of the 'PLAN' section of the GTM Strategy optimization diagram with 'GTM Align Review' circled in red.

    The presentation you create contains:

    • Timelines and work plan updates
    • Tech stack needs/modifications
    • An expanded product concept to include packaging and pricing approach
    • Asset-type concepts for marketing campaigns, sales collateral, website, and social
    • Outline of initial Launch dates
    • Outline of initial customer success, awareness/PR/AR plans, and sales training plans
    • Final business case

    Summary of Accomplishment

    Problem Solved – A More Effective Go-to-Market Strategy

    By guiding your team through the Go-to-Market planning process applied to an actual GTM Strategy, you have built an important set of capabilities that underpins today’s well-managed software companies. By following the step-by-step process outlined in this blueprint, you have delivered a host of benefits that include the following:

    • Alignment of Product, Marketing, Sales, and Customer Success around a deeper understanding of your target buyers and what it takes to build competitive differentiation.
    • You have calculated your product market opportunity and whether it’s worth the investment in the long-term, and for the short term you have estimated gross margins as an important part of the business case.
    • Built executive support and confidence by leading a disparate team in complex decision making that is fact and evidence based to make more effective go/no go decisions related to investing in new products.
    • And finally, because you and your team have demonstrated their ability to align programs toward a common goal and program-manage a complex initiative through to successful completion, you have led your team to develop the “institutional muscle” to take on equally complex initiatives such as acquisition integration, rebranding, launching in a new region, etc.

    Therefore, developing the capabilities to manage a complex go-to-market strategy is akin to building company scalability and is sought after as a professional development opportunity that each executive should have on his/her résumé.

    If you would like additional support, contact us and we’ll make sure you get the professional expertise you need.

    Contact your account representative for more information.

    info@softwarereviews.com 1-888-670-8889

    Bibliography

    Acosta, Danette. “Average Customer Retention Rate by Industry.” Profitwell.com. Accessed Jan. 2022.

    Ashkenas, Ron, and Patrick Finn. “The Go-To-Market Approach Startups Need to Adopt.” Harvard Business Review, June 2016. Accessed Jun. 2021.

    Bilardi, Emma. “ How to Create Buyer Personas.” Product Marketing Alliance, July 2020. Accessed Dec. 2021.

    Cespedes, Frank V. “Defining a Post-Pandemic Channel Strategy.” Harvard Business Review, Apr. 2021. Accessed Jul. 2021.

    Chapman, Lawrence. “A Visual Guide to Product Launches.” Product Marketing Alliance. Accessed Jul. 2021.

    Chapman, Lawrence. “Everything You Need To Know About Go-To-Market Strategies.” Product Marketing Alliance. Accessed Jul. 2021.

    Christiansen, Clayton. “The Innovators Dilemma.” Harvard Business School Press, 1997.

    Drzewicki, Matt. “Digital Marketing Maturity: The Path to Success.” MIT Sloan Management Review. Accessed Dec. 2021.

    “Go-To-Market Refresher,” Product Marketing Alliance. Accessed Jul. 2021

    Harrison, Liz; Dennis Spillecke, Jennifer Stanley, and Jenny Tsai. “Omnichannel in B2B sales: The new normal in a year that has been anything but.” McKinsey & Company, 15 March, 2021. Accessed Dec. 2021.

    Jansen, Hasse. “Buyer Personas – 33 Mind Blowing Stats.” Boardview, 19 Feb. 2016. Accessed Jan. 2022.

    Scott, Ryan. “Creating a Brand Identity: 20 Questions to Consider.” Lean Labs, Jun 2021. Accessed Jul. 2021.

    Smith, Michael L., and James Erwin. “Role and Responsibility Charting (RACI).” DOCSearch. Accessed Jan. 2022. Web.

    “What is the Total Addressable Market (TAM).” Corporate Finance Institute (CFI), n.d. Accessed Jan. 2022.

    Related Software Reviews Research

    Sample of the Create a Buyer Persona and Journey research Create a Buyer Persona and Journey
    • A successful go-to-market strategy depends upon deep buyer understanding. Our Create a Buyer Persona and Journey blueprint will give you a step-by-step process that when followed will provide you and your team with that deep buyer understanding you need.
    • The Create a Buyer Persona and Journey blueprint provides you with an interview containing over 75 questions that, after capturing buyer answers and insights during interviews, will strengthen your value proposition, product market fit, lead gen engine and sales effectiveness.
    Sample of the Optimize Lead Generation With Lead Scoring research Optimize Lead Generation With Lead Scoring
    • Save time and money and improve your sales win rates when you apply our methodology to score contacts with your lead gen engine more accurately and pass better qualified leads over to your sellers.
    • Our methodology teaches marketers to develop your own lead scoring approach based upon lead/contact profile vs. your Ideal Customer Profile (ICP) and scores contact engagement. Applying the methodology to arrive at your own approach to scoring will mean reduced lead gen costs, higher conversion rates, and increased marketing influenced wins.

    Measure and Manage Customer Satisfaction Metrics That Matter the Most

    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Marketing Solutions
    • Parent Category Link: /marketing-solutions
    • Lack of understanding of what is truly driving customer satisfaction or dissatisfaction.
    • Lack of insight into who our satisfied and dissatisfied customers are.
    • Lack of a system for early detection of declines in satisfaction.
    • Lack of clarity on what to improve and how resources should be allocated.

    Our Advice

    Critical Insight

    • All software companies measure satisfaction in some way, but many lack understanding of what’s truly driving customers to stay or leave. By understanding the true drivers of satisfaction, solution providers can measure and monitor satisfaction more effectively, pull actionable insights and feedback, and make changes to products and services that customers really care about and will keep them coming back to you to have their needs met.
    • Obstacles:
      • Use of metrics that don’t provide the insight needed to make impactful changes that will boost satisfaction and ultimately, retention and profit.
      • Lack of a clear definition of what satisfaction means to customers, metric definitions and/or standard methods of measurement, and a consistent monitoring cadence.

    Impact and Result

    • Understanding of who your satisfied and dissatisfied customers are.
    • Understanding of the true drivers of satisfaction and dissatisfaction among your customer segments.
    • Establishment of a repeatable process and cadence for effective satisfaction measurement and monitoring.
    • Development of an executable customer satisfaction improvement plan that identifies customer journey pain points and areas of dissatisfaction, and outlines how to improve them.
    • Knowledge of where money, time, and other resources are needed most to improve satisfaction levels and ultimately increase retention.

    Measure and Manage Customer Satisfaction Metrics That Matter the Most Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Measure and Manage the Customer Satisfaction Metrics that Matter the Most Deck – An overview of how to understand what drives customer satisfaction and how to measure and manage it for improved business outcomes.

    Understand the true drivers of customer satisfaction and build a process for managing and improving customer satisfaction.

    [infographic]

    Further reading

    Measure and Manage the Customer Satisfaction Metrics that Matter the Most

    Understand what truly keeps your customer satisfied. Start to measure what matters to improve customer experience and increase satisfaction and advocacy. 

    EXECUTIVE BRIEF

    Analyst perspective

    Understanding and measuring the true drivers of satisfaction enable the delivery of real customer value

    The image contains a picture of Emily Wright.

    “Healthy customer relationships are the paramount to long-term growth. When customers are satisfied, they remain loyal, spend more, and promote your company to others in their network. The key to high satisfaction is understanding and measuring the true drivers of satisfaction to enable the delivery of real customer value.

    Most companies believe they know who their satisfied customers are and what keeps them satisfied, and 76% of B2B buyers expect that providers understand their unique needs (Salesforce Research, 2020). However, on average B2B companies have customer experience scores of less than 50% (McKinsey, 2016). This disconnect between customer expectations and provider experience indicates that businesses are not effectively measuring and monitoring satisfaction and therefore are not making meaningful enhancements to their service, offerings, and overall experience.

    By focusing on the underlying drivers of customer satisfaction, organizations develop a truly accurate picture of what is driving deep satisfaction and loyalty, ensuring that their company will achieve sustainable growth and stay competitive in a highly competitive market.”

    Emily Wright

    Senior Research Analyst, Advisory

    SoftwareReviews

    Executive summary

    Your Challenge

    Common Obstacles

    SoftwareReviews’ Approach

    Getting a truly accurate picture of satisfaction levels among customers, and where to focus efforts to improve satisfaction, is challenging. Providers often find themselves reacting to customer challenges and being blindsided when customers leave. More effective customer satisfaction measurement is possible when providers self-assess for the following challenges:

    • Lack of understanding of what is truly driving customer satisfaction or dissatisfaction.
    • Lack of insight into who our satisfied and dissatisfied customers are.
    • Lack of a system for early detection of declines in satisfaction.
    • Lack of clarity of what needs to be improved and how resources should be allocated.
    • Lack of reliable internal data for effective customer satisfaction monitoring.

    What separates customer success leaders from developing a full view of their customers are several nagging obstacles:

    • Use of metrics that don’t provide the insight needed to make impactful changes that will boost satisfaction and ultimately, retention and profit.
    • Friction from customers participating in customer satisfaction studies.
    • Lack of data, or integrated databases from which to track, pull, and analyze customer satisfaction data.
    • Lack a clear definition of what satisfaction means to customers, metric definitions, and/or standard methods of measurement and a consistent monitoring cadence.
    • Lack of time, resources, or technology to uncover and effectively measure and monitor satisfaction drivers.

    Through the SoftwareReviews’ approach, customer success leaders will:

    • Understand who your satisfied and dissatisfied customers are.
    • Understand the true drivers of satisfaction and dissatisfaction among your customer segments.
    • Establish a repeatable process and cadence for effective satisfaction measurement and monitoring.
    • Develop an executable customer satisfaction improvement plan that identifies customer journey pain points and areas of dissatisfaction, and outlines how to improve them.
    • Know where money, time, and resources are needed most to improve satisfaction levels and ultimately retention.

    Overarching SoftwareReviews Advisory Insight:

    All companies measure satisfaction in some way, but many lack understanding of what’s truly driving customers to stay or leave. By understanding the true drivers of satisfaction, solution providers can measure and monitor satisfaction more effectively, pull actionable insights and feedback, and make changes to products and services that customers really care about. This will keep them coming back to you to have their needs met.

    Healthy Customer Relationships are vital for long-term success and growth

    Measuring customer satisfaction is critical to understanding the overall health of your customer relationships and driving growth.

    Through effective customer satisfaction measurement, organizations can:

    Improve Customer Experience

    Increase Retention and CLV

    Increase Profitability

    Reduce Costs

    • Provide insight into where and how to improve.
    • Enhance experience, increase loyalty.
    • By providing strong CX, organizations can increase revenue by 10-15% (McKinsey, 2014).
    • Far easier to retain existing customers than to acquire new ones.
    • Ensuring high satisfaction among customers increases Customer Lifetime Value (CLV) through longer tenure and higher spending.
    • NPS Promoter score has a customer lifetime value that's 600%-1,400% higher than a Detractor (Bain & Company, 2015).
    • Highly satisfied customers spend more through expansions and add-ons, as well as through their long tenure with your company.
    • They also spread positive word of mouth, which brings in new customers.
    • “Studies demonstrate a strong correlation between customer satisfaction and increased profits — with companies with high customer satisfaction reporting 5.7 times more revenue than competitors.” (Matthew Loper, CEO and Co-Founder of WELLTH, 2022)
    • Measuring, monitoring, and maintaining high satisfaction levels reduces costs across the board.
    • “Providing a high-quality customer experience can save up to 33% of customer service costs” (Deloitte, 2018).
    • Satisfied customers are more likely to spread positive word of mouth which reduces acquisition / marketing costs for your company.

    “Measuring customer satisfaction is vital for growth in any organization; it provides insights into what works and offers opportunities for optimization. Customer satisfaction is essential for improving loyalty rate, reducing costs and retaining your customers.”

    -Ken Brisco, NICE, 2019

    Poor customer satisfaction measurement is costly

    Virtually all companies measure customer satisfaction, but few truly do it well. All too often, customer satisfaction measurement consists of a set of vanity metrics that do not result in actionable insight for product/service improvement. Improper measurement can result in numerous consequences:

    Direct and Indirect Costs

    Being unaware of true drivers of satisfaction that are never remedied costs your business directly through customer churn, service costs, etc.

    Tarnished Brand

    Tarnished brand through not resolving issues drives dissatisfaction; dissatisfied customers share their negative experiences, which can damage brand image and reputation.

    Waste Limited Resources

    Putting limited resources towards vanity programs and/or fixes that have little to no bearing on core satisfaction drivers wastes time and money.

    “When customer dissatisfaction goes unnoticed, it can slowly kill a company. Because of the intangible nature of customer dissatisfaction, managers regularly underestimate the magnitude of customer dissatisfaction and its impact on the bottom line.”

    - Lakshmiu Tatikonda, “The Hidden Costs of Customer Dissatisfaction”, 2013

    SoftwareReviews Advisory Insight:

    Most companies struggle to understand what’s truly driving customers to stay or leave. By understanding the true satisfaction drivers, tech providers can measure and monitor satisfaction more effectively, avoiding the numerous harmful consequences that result from average customer satisfaction measurement.

    Does your customer satisfaction measurement process need improvement?

    Getting an accurate picture of customer satisfaction is no easy task. Struggling with any of the following means you are ready for a detailed review of your customer satisfaction measurement efforts:

    • Not knowing who your most satisfied customers are.
    • Lacking early detection for declining satisfaction – either reactive, or unaware of dissatisfaction as it’s occurring.
    • Lacking a process for monitoring changes in satisfaction and lack ability to be proactive; you feel blindsided when customers leave.
    • Inability to fix the problem and wasting money on the wrong areas, like vanity metrics that don’t bring value to customers.
    • Spending money and other resources towards fixes based on a gut feeling, without quantifying the real root cause drivers and investing in their improvement.
    • Having metrics and data but lacking context; don’t know what contributed to the metrics/results, why people are dissatisfied or what contributes to satisfaction.
    • Lacking clear definition of what satisfaction means to customers / customer segments.
    • Difficulty tying satisfaction back to financial results.

    Customers are more satisfied with software vendors who understand the difference between surface level and short-term satisfaction, and deep or long-term satisfaction

    Surface-level satisfaction

    Surface-level satisfaction has immediate effects, but they are usually short-term or limited to certain groups of users. There are several factors that contribute to satisfaction including:

    • Novelty of new software
    • Ease of implementation
    • Financial savings
    • Breadth of features

    Software Leaders Drive Deep Satisfaction

    Deep satisfaction has long-term and meaningful impacts on the way that organizations work. Deep satisfaction has staying power and increases or maintains satisfaction over time, by reducing complexity and delivering exceptional quality for end-users and IT alike. This report found that the following capabilities provided the deepest levels of satisfaction:

    • Usability and intuitiveness
    • Quality of features
    • Ease of customization
    • Vendor-specific capabilities

    The above solve issues that are part of everyday problems, and each drives satisfaction in deep and meaningful ways. While surface-level satisfaction is important, deep and impactful capabilities can sustain satisfaction for a longer time.

    Deep Customer Satisfaction Among Software Buyers Correlates Highly to “Emotional Attributes”

    Vendor Capabilities and Product Features remain significant but are not the primary drivers

    The image contains a graph to demonstrate a correlation to Satisfaction, all Software Categories.
    Source: SoftwareReviews buyer reviews (based on 82,560 unique reviews).

    Driving deep satisfaction among software customers vs. surface-level measures is key

    Vendor capabilities and product features correlate significantly to buyer satisfaction

    Yet, it’s the emotional attributes – what we call the “Emotional Footprint”, that correlate more strongly

    Business-Value Created and Emotional Attributes are what drives software customer satisfaction the most

    The image contains a screenshot of a graph to demonstrate Software Buyer Satisfaction Drivers and Emotional Attributes are what drives software customer satisfaction.

    Software companies looking to improve customer satisfaction will focus on business value created and the Emotional Footprint attributes outlined here.

    The essential ingredient is understanding how each is defined by your customers.

    Leaders focus on driving improvements as described by customers.

    SoftwareReviews Insight:

    These true drivers of satisfaction should be considered in your customer satisfaction measurement and monitoring efforts. The experience customers have with your product and brand is what will differentiate your brand from competitors, and ultimately, power business growth. Talk to a SoftwareReviews Advisor to learn how users rate your product on these satisfaction drivers in the SoftwareReviews Emotional Footprint Report.

    Benefits of Effective Customer Satisfaction Measurement

    Our research provides Customer Success leaders with the following key benefits:

    • Ability to know who is satisfied, dissatisfied, and why.
    • Confidence in how to understand or uncover the factors behind customer satisfaction; understand and identify factors driving satisfaction, dissatisfaction.
    • Ability to develop a clear plan for improving customer satisfaction.
    • Knowledge of how to establish a repeatable process for customer satisfaction measurement and monitoring that allows for proactivity when declines in satisfaction are detected.
    • Understanding of what metrics to use, how to measure them, and where to find the right information/data.
    • Knowledge of where money, time, and other resources are needed most to drive tangible customer value.

    “81% of organizations cite CX as a competitive differentiator. The top factor driving digital transformation is improving CX […] with companies reporting benefits associated with improving CX including:

    • Increased customer loyalty (92%)
    • An uplift in revenue (84%)
    • Cost savings (79%).”

    – Dan Cote, “Advocacy Blooms and Business Booms When Customers and Employees Engage”, Influitive, 2021

    The image contains a screenshot of a thought model that focuses on Measure & Manage the Customer Satisfaction Metrics That Matter the Most.

    Who benefits from improving the measurement and monitoring of customer satisfaction?

    This Research Is Designed for:

    • Customer Success leaders and marketers who are:
      • Responsible for understanding how to benchmark, measure, and understand customer satisfaction to improve satisfaction, NPS, and ROI.
      • Looking to take a more proactive and structured approach to customer satisfaction measurement and monitoring.
      • Looking for a more effective and accurate way to measure and understand how to improve customer satisfaction around products and services.

    This Research Will Help You:

    • Understand the factors driving satisfaction and dissatisfaction.
    • Know which customers are satisfied/dissatisfied.
    • Know where time, money, and resources are needed the most in order to improve or maintain satisfaction levels.
    • Develop a formal plan to improve customer satisfaction.
    • Establish a repeatable process for customer satisfaction measurement and monitoring that allows for proactivity when declines in satisfaction are detected.

    This Research Will Also Assist:

    • Customer Success Leaders, Marketing and Sales Directors and Managers, Product Marketing Managers, and Advocacy Managers/Coordinators who are responsible for:
      • Product improvements and enhancements
      • Customer service and onboarding
      • Customer advocacy programs
      • Referral/VoC programs

    This Research Will Help Them:

    • Coordinate and align on customer experience efforts and actions.
    • Gather and make use of customer feedback to improve products, solutions, and services provided.
    • Provide an amazing customer experience throughout the entirety of the customer journey.

    SoftwareReviews’ methodology for measuring the customer satisfaction metrics that matter the most

    1. Identify true customer satisfaction drivers

    2. Develop metrics dashboard

    3. Develop customer satisfaction measurement and management plan

    Phase Steps

    1. Identify data sources, documenting any gaps in data
    2. Analyze all relevant data on customer experiences and outcomes
    3. Document top satisfaction drivers
    1. Identify business goals, problems to be solved / define business challenges and marketing/customer success goals
    2. Use SR diagnostic to assess current state of satisfaction measurement, assessing metric alignment to satisfaction drivers
    3. Define your metrics dashboard
    4. Develop common metric definitions, language for discussing, and standards for measuring customer satisfaction
    1. Determine committee structure to measure performance metrics over time
    2. Map out gaps in satisfaction along customer journey/common points in journey where customers are least dissatisfied
    3. Build plan that identifies weak areas and shows how to fix using SR’s emotional footprint, other measures
    4. Create plan and roadmap for CSat improvement
    5. Create communication deck

    Phase Outcomes

    1. Documented satisfaction drivers
    2. Documented data sources and gaps in data
    1. Current state customer satisfaction measurement analysis
    2. Common metric definitions and measurement standards
    3. Metrics dashboard
    1. Customer satisfaction measurement plan
    2. Customer satisfaction improvement plan
    3. Customer journey maps
    4. Customer satisfaction improvement communication deck
    5. Customer Satisfaction Committee created

    Insight summary

    Understanding and measuring the true drivers of satisfaction enable the delivery of real customer value

    All software companies measure satisfaction in some way, but many lack understanding of what’s truly driving customers to stay or leave. By understanding the true drivers of satisfaction, solution providers can measure and monitor satisfaction more effectively, pull actionable insights and feedback, and make changes to products and services that customers really care about and which will keep them coming back to you to have their needs met.

    Positive experiences drive satisfaction more so than features and cost

    According to our analysis of software buyer reviews data*, the biggest drivers of satisfaction and likeliness to recommend are the positive experiences customers have with vendors and their products. Customers want to feel that:

    1. Their productivity and performance is enhanced, and the vendor is helping them innovate and grow as a company.
    2. Their vendor inspires them and helps them to continually improve.
    3. They can rely on the vendor and the product they purchased.
    4. They are respected by the vendor.
    5. They can trust that the vendor will be on their side and save them time.
    *8 million data points across all software categories

    Measure Key Relationship KPIs to gauge satisfaction

    Key metrics to track include the Business Value Created score, Net Emotional Footprint, and the Love/Hate score (the strength of emotional connection).

    Orient the organization around customer experience excellence

    1. Arrange staff incentives around customer value instead of metrics that are unrelated to satisfaction.
    2. Embed customer experience as a core company value and integrate it into all functions.
    3. Make working with your organization easy and seamless for customers.

    Have a designated committee for customer satisfaction measurement

    Best in class organizations create customer satisfaction committees that meet regularly to measure and monitor customer satisfaction, resolve issues quickly, and work towards improved customer experience and profit outcomes.

    Use metrics that align to top satisfaction drivers

    This will give you a more accurate and fulsome view of customer satisfaction than standard satisfaction metrics alone will.

    Guided Implementation

    What is our GI on measuring and managing the customer satisfaction metrics that matter most?

    Identify True Customer Satisfaction Drivers

    Develop Metrics Dashboard Develop Customer Satisfaction Measurement and Management Plan

    Call #1: Discuss current pain points and barriers to successful customer satisfaction measurement, monitoring and maintenance. Plan next call – 1 week.

    Call #2: Discuss all available data, noting any gaps. Develop plan to fill gaps, discuss feasibility and timelines. Plan next call – 1 week.

    Call #3: Walk through SoftwareReviews reports to understand EF and satisfaction drivers. Plan next call – 3 days.

    Call #4: Segment customers and document key satisfaction drivers. Plan next call – 2 week.

    Call #5: Document business goals and align them to metrics. Plan next call – 1 week.

    Call #6: Complete the SoftwareReviews satisfaction measurement diagnostic. Plan next call – 3 days.

    Call #7: Score list of metrics that align to satisfaction drivers. Plan next call – 2 days.

    Call #8: Develop metrics dashboard and definitions. Plan next call – 2 weeks.

    Call #9: Finalize metrics dashboard and definitions. Plan next call – 1 week.

    Call #10: Discuss committee and determine governance. Plan next call – 2 weeks.

    Call #11: Map out gaps in satisfaction along customer journey as they relate to top satisfaction drivers. Plan next call –2 weeks.

    Call #12: Develop plan and roadmap for satisfaction improvement. Plan next call – 1 week.

    Call #13: Finalize plan and roadmap. Plan next call – 1 week.

    Call # 14: Review and coach on communication deck.

    A Guided Implementation (GI) is series of calls with a SoftwareReviews Advisory analyst to help implement our best practices in your organization.

    For guidance on marketing applications, we can arrange a discussion with an Info-Tech analyst.

    Your engagement managers will work with you to schedule analyst calls.

    Software Reviews offers various levels of support to best suit your needs

    DIY Toolkit

    Guided Implementation

    Workshop

    Consulting

    “Our team has already made this critical project a priority, and we have the time and capability, but some guidance along the way would be helpful.” “Our team knows that we need to fix a process, but we need assistance to determine where to focus. Some check-ins along the way would help keep us on track.” “We need to hit the ground running and get this project kicked off immediately. Our team has the ability to take this over once we get a framework and strategy in place.” “Our team does not have the time or the knowledge to take this project on. We need assistance through the entirety of this project.”
    Included within Advisory Membership Optional add-ons

    Bibliography

    “Are you experienced?” Bain & Company, Apr. 2015. Accessed 6 June. 2022.

    Brisco, Ken. “Measuring Customer Satisfaction and Why It’s So Important.” NICE, Feb. 2019. Accessed 6 June. 2022.

    CMO.com Team. “The Customer Experience Management Mandate.” Adobe Experience Cloud Blog, July 2019. Accessed 14 June. 2022.

    Cote, Dan. “Advocacy Blooms and Business Booms When Customers and Employees Engage.” Influitive, Dec. 2021. Accessed 15 June. 2022.

    Fanderl, Harald and Perrey, Jesko. “Best of both worlds: Customer experience for more revenues and lower costs.” McKinsey & Company, Apr. 2014. Accessed 15 June. 2022.

    Gallemard, Jeremy. “Why – And How – Should Customer Satisfaction Be Measured?” Smart Tribune, Feb. 2020. Accessed 6 June. 2022.

    Kumar, Swagata. “Customer Success Statistics in 2021.” Customer Success Box, 2021. Accessed 17 June. 2022.

    Lakshmiu Tatikonda, “The Hidden Costs of Customer Dissatisfaction”, Management Accounting Quarterly, vol. 14, no. 3, 2013, pp 38. Accessed 17 June. 2022.

    Loper, Matthew. “Why ‘Customer Satisfaction’ Misses the Mark – And What to Measure Instead.” Newsweek, Jan. 2022. Accessed 16 June. 2022.

    Maechler, Nicolas, et al. “Improving the business-to-business customer experience.” McKinsey & Company, Mar. 2016. Accessed 16 June.

    “New Research from Dimension Data Reveals Uncomfortable CX Truths.” CISION PR Newswire, Apr. 2017. Accessed 7 June. 2022.

    Sheth, Rohan. 75 Must-Know Customer Experience Statistics to move Your Business Forward in 2022.” SmartKarrot, Feb. 2022. Accessed 17 June. 2022.

    Smith, Mercer. “111 Customer Service Statistics and Facts You Shouldn’t Ignore.” HelpScout, May 2022. Accessed 17 June. 2022.

    “State of the Connected Customer.” Salesforce, 2020. Accessed 14 June. 2022

    “The true value of customer experiences.” Deloitte, 2018. Accessed 15 June. 2022.

    Stakeholder Relations

    • Buy Link or Shortcode: {j2store}25|cart{/j2store}
    • Related Products: {j2store}25|crosssells{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Strategy and Governance
    • Parent Category Link: /strategy-and-governance

    The challenge

    • Stakeholders come in a wide variety, often with competing and conflicting demands.
    • Some stakeholders are hard to identify. Those hidden agendas may derail your efforts.
    • Understanding your stakeholders' relative importance allows you to prioritize your IT agenda according to the business needs.

    Our advice

    Insight

    • Stakeholder management is an essential factor in how successful you will be.
    • Stakeholder management is a continuous process. The landscape constantly shifts.
    • You must also update your stakeholder management plan and approach on an ongoing basis.

    Impact and results 

    • Use your stakeholder management process to identify, prioritize, and manage key stakeholders effectively.
    • Continue to build on strengthening your relationships with stakeholders. It will help to gain easier buy-in and support for your future initiatives. 

    The roadmap

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    Make the case

    Identify stakeholders

    • Stakeholder Management Analysis Tool (xls)

    Analyze your stakeholders

    Assess the stakeholder's influence, interest, standing, and support to determine priority for future actions 

    Manage your stakeholders

    Develop your stakeholder management and communication plans

    • Stakeholder Management Plan Template (doc)
    • Communication Plan Template (doc)

    Monitor your stakeholder management plan performance

    Measure and monitor the success of your stakeholder management process.

     

     

    Achieve Digital Resilience by Managing Digital Risk

    • Buy Link or Shortcode: {j2store}375|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $123,999 Average $ Saved
    • member rating average days saved: 4 Average Days Saved
    • Parent Category Name: Governance, Risk & Compliance
    • Parent Category Link: /governance-risk-compliance

    Businesses are expected to balance achieving innovation through initiatives that transform the organization with effective risk management. While this is nothing new, added challenges arise due to:

    • An increasingly large vendor ecosystem within which to manage risk.
    • A fragmented approach to risk management that separates cyber and IT risk from enterprise risk.
    • A rapidly growing number of threat actors and a larger attack surface.

    Our Advice

    Critical Insight

    • All risks are digital risks.
    • Manage digital risk with a collaborative approach that supports digital transformation, ensures digital resilience, and distributes responsibility for digital risk management across the organization.

    Impact and Result

    Address digital risk to build digital resilience. In the process, you will drive transformation and maintain digital trust among your employees, end users, and consumers by:

    • Defining digital risk, including primary risk categories and prevalent risk factors.
    • Leveraging industry examples to help identify external risk considerations.
    • Building a digital risk profile, addressing core risk categories, and creating a correlating plan for digital risk management.

    Achieve Digital Resilience by Managing Digital Risk Research & Tools

    Start here – read the Executive Brief

    Risk does not exist in isolation and must extend beyond your cyber and IT teams. Read our concise Executive Brief to find out how to manage digital risk to help drive digital transformation and build your organization's digital resilience.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Redefine digital risk and resilience

    Discover an overview of what digital risk is, learn how to assess risk factors for the five primary categories of digital risk, see several industry-specific scenarios, and explore how to plan for and mitigate identified risks.

    • Achieve Digital Resilience by Managing Digital Risk – Phases 1-2
    • Digital Risk Management Charter

    2. Build your digital risk profile

    Begin building the digital risk profile for your organization, identify where your key areas of risk exposure exist, and assign ownership and accountability among the organization’s business units.

    • Digital Risk Profile Tool
    • Digital Risk Management Executive Report
    [infographic]

    Workshop: Achieve Digital Resilience by Managing Digital Risk

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Scope and Define Digital Risk

    The Purpose

    Develop an understanding and standard definition of what digital risk is, who it impacts, and its relevance to the organization.

    Key Benefits Achieved

    Understand what digital risk means and how it differs from traditional enterprise or cybersecurity risk.

    Develop a definition of digital risk that recognizes the unique external and internal considerations of your organization.

    Activities

    1.1 Review the business context

    1.2 Review the current roles of enterprise, IT, and cyber risk management within the organization

    1.3 Define digital transformation and list transformation initiatives

    1.4 Define digital risk in the context of the organization

    1.5 Define digital resilience in the context of the organization

    Outputs

    Digital risk drivers

    Applicable definition of digital risk

    Applicable definition of digital resilience

    2 Make the Case for Digital Risk Management

    The Purpose

    Understand the roles digital risk management and your digital risk profile have in helping your organization achieve safe, transformative growth.

    Key Benefits Achieved

    An overview and understanding of digital risk categories and subsequent individual digital risk factors for the organization

    Industry considerations that highlight the importance of managing digital risk

    A structured approach to managing the categories of digital risk

    Activities

    2.1 Review and discuss industry case studies and industry examples of digital transformation and digital risk

    2.2 Revise the organization's list of digital transformation initiatives (past, current, and future)

    2.3 Begin to build your organization's Digital Risk Management Charter (with inputs from Module 1)

    2.4 Revise, customize, and complete a Digital Risk Management Charter for the organization

    Outputs

    Digital Risk Management Charter

    Industry-specific digital risks, factors, considerations, and scenarios

    The organization's digital risks mapped to its digital transformation initiatives

    3 Build Your Digital Risk Profile

    The Purpose

    Develop an initial digital risk profile that identifies the organization’s core areas of focus in managing digital risk.

    Key Benefits Achieved

    A unique digital risk profile for the organization

    Digital risk management initiatives that are mapped against the organization's current strategic initiatives and aligned to meet your digital resilience objectives and benchmarks

    Activities

    3.1 Review category control questions within the Digital Risk Profile Tool

    3.2 Complete all sections (tabs) within the Digital Risk Profile Tool

    3.3 Assess the results of your Digital Risk Profile Tool

    3.4 Discuss and assign initial weightings for ownership of digital risk among the organization's stakeholders

    Outputs

    Completion of all category tabs within the Digital Risk Profile Tool

    Initial stakeholder ownership assignments of digital risk categories

    4 Manage Your Digital Risk

    The Purpose

    Refine the digital risk management plan for the organization.

    Key Benefits Achieved

    A targeted, organization-specific approach to managing digital risk as a part of the organization's projects and initiatives on an ongoing basis

    An executive presentation that outlines digital risk management for your senior leadership team

    Activities

    4.1 Conduct brief information sessions with the relevant digital risk stakeholders identified in Module 3.

    4.2 Review and revise the organization's Digital Risk Profile as necessary, including adjusting weightings for the digital risk categories

    4.3 Begin to build an actionable digital risk management plan

    4.4 Present your findings to the organization's relevant risk leaders and executive team

    Outputs

    A finalized and assessed Digital Risk Profile Tool

    Stakeholder ownership for digital risk management

    A draft Digital Risk Management plan and Digital Risk Management Executive Report

    Explore the Secrets of SAP Software Contracts to Optimize Spend and Reduce Compliance Risk

    • Buy Link or Shortcode: {j2store}140|cart{/j2store}
    • member rating overall impact (scale of 10): 9.8/10 Overall Impact
    • member rating average dollars saved: $73,994 Average $ Saved
    • member rating average days saved: 9 Average Days Saved
    • Parent Category Name: Licensing
    • Parent Category Link: /licensing
    • SAP has strict audit practices, which, in combination with 50+ types of user classifications and manual accounting for some licenses, make maintaining compliance difficult.
    • Mapping and matching SAP products to the environment can be highly complex, leading to overspending and an inability to reduce spend later.
    • Beware of indirect access to SAP applications from third-party applications (e.g. Salesforce).
    • Products that have been acquired by SAP may have altered licensing terms that are innocuously referred to in support renewal documents.

    Our Advice

    Critical Insight

    • Focus on needs first. Conduct a thorough requirements assessment and document the results. Well-documented license needs will be your core asset in navigating SAP licensing and negotiating your agreement.
    • Examine indirect access possibilities. Understanding how in-house or third-party applications may be accessing the SAP software is critical.
    • Know whats in the contract. Each customer agreement is different and there may be terms that are beneficial. Older agreements may provide both benefits and challenges when evaluating your SAP license position.

    Impact and Result

    • Conduct an analysis to remove inactive and duplicate users as multiple logins may exist and could end up costing the organization license fees when audited.
    • Adopt a cyclical approach to reviewing your SAP licensing and create a reference document to track your software needs, planned licensing, and purchase negotiation points.
    • Learn the “SAP way” of conducting business, which includes a best-in-class sales structure, unique contracts and license use policies, and a hyper-aggressive compliance function. Conducting business with SAP is not typical compared to other vendors, and you will need different tools to emerge successfully from a commercial transaction.
    • Manage SAP support and maintenance spend and policies. Once an agreement has been signed, it can be very difficult to decrease spend, as SAP will reprice products if support is dropped.

    Explore the Secrets of SAP Software Contracts to Optimize Spend and Reduce Compliance Risk Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you need to understand and document your SAP licensing strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Establish licensing requirements

    Begin your proactive SAP licensing journey by understanding which information to gather and assessing the current state and gaps.

    • Explore the Secrets of SAP Software Contracts to Optimize Spend and Reduce Compliance Risk – Phase 1: Establish Licensing Requirements
    • SAP License Summary and Analysis Tool

    2. Evaluate licensing options

    Review current licensing models and determine which licensing models will most appropriately fit your environment.

    • Explore the Secrets of SAP Software Contracts to Optimize Spend and Reduce Compliance Risk – Phase 2: Evaluate Licensing Options

    3. Evaluate agreement options

    Review SAP’s contract types and assess which best fit the organization’s licensing needs.

    • Explore the Secrets of SAP Software Contracts to Optimize Spend and Reduce Compliance Risk – Phase 3: Evaluate Agreement Options

    4. Purchase and manage licenses

    Conduct negotiations, purchase licensing, and finalize a licensing management strategy.

    • Explore the Secrets of SAP Software Contracts to Optimize Spend and Reduce Compliance Risk – Phase 4: Purchase and Manage Licenses
    [infographic]

    Fast Track Your GDPR Compliance Efforts

    • Buy Link or Shortcode: {j2store}372|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $25,779 Average $ Saved
    • member rating average days saved: 30 Average Days Saved
    • Parent Category Name: Governance, Risk & Compliance
    • Parent Category Link: /governance-risk-compliance
    • Organizations often tackle compliance efforts in an ad hoc manner, resulting in an ineffective use of resources.
    • The alignment of business objectives, information security, and data privacy is new for many organizations, and it can seem overwhelming.
    • GDPR is an EU regulation that has global implications; it likely applies to your organization more than you think.

    Our Advice

    Critical Insight

    • Financial impact isn’t simply fines. A data controller fined for GDPR non-compliance may sue its data processor for damage.
    • Even day-to-day activities may be considered processing. Screen-sharing from a remote location is considered processing if the data shown onscreen contains personal data!
    • This is not simply an IT problem. Organizations that address GDPR in a siloed approach will not be as successful as organizations that take a cross-functional approach.

    Impact and Result

    • Follow a robust methodology that applies to any organization and aligns operational and situational GDPR scope. Info-Tech's framework allows organizations to tackle GDPR compliance in a right-sized, methodical approach.
    • Adhere to a core, complex GDPR requirement through the use of our documentation templates.
    • Understand how the risk of non-compliance is aligned to both your organization’s functions and data scope.
    • This blueprint will guide you through projects and steps that will result in quick wins for near-term compliance.

    Fast Track Your GDPR Compliance Efforts Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should fast track your GDPR compliance efforts, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Understand your compliance requirements

    Understand the breadth of the regulation’s requirements and document roles and responsibilities.

    • Fast Track Your GDPR Compliance Efforts – Phase 1: Understand Your Compliance Requirements
    • GDPR RACI Chart

    2. Define your GDPR scope

    Define your GDPR scope and prioritize initiatives based on risk.

    • Fast Track Your GDPR Compliance Efforts – Phase 2: Define Your GDPR Scope
    • GDPR Initiative Prioritization Tool

    3. Satisfy documentation requirements

    Understand the requirements for a record of processing and determine who will own it.

    • Fast Track Your GDPR Compliance Efforts – Phase 3: Satisfy Documentation Requirements
    • Record of Processing Template
    • Legitimate Interest Assessment Template
    • Data Protection Impact Assessment Tool
    • A Guide to Data Subject Access Requests

    4. Align your data breach requirements and security program

    Document your DPO decision and align security strategy to data privacy.

    • Fast Track Your GDPR Compliance Efforts – Phase 4: Align Your Data Breach Requirements & Security Program

    5. Prioritize your GDPR initiatives

    Prioritize any initiatives driven out of Phases 1-4 and begin developing policies that help in the documentation effort.

    • Fast Track Your GDPR Compliance Efforts – Phase 5: Prioritize Your GDPR Initiatives
    • Data Protection Policy
    [infographic]

    Workshop: Fast Track Your GDPR Compliance Efforts

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Understand Your Compliance Requirements

    The Purpose

    Kick-off the workshop; understand and define GDPR as it exists in your organizational context.

    Key Benefits Achieved

    Prioritize your business units based on GDPR risk.

    Assign roles and responsibilities.

    Activities

    1.1 Kick-off and introductions.

    1.2 High-level overview of weekly activities and outcomes.

    1.3 Identify and define GDPR initiative within your organization’s context.

    1.4 Determine what actions have been done to prepare; how have regulations been handled in the past?

    1.5 Identify key business units for GDPR committee.

    1.6 Document business units and functions that are within scope.

    1.7 Prioritize business units based on GDPR.

    1.8 Formalize stakeholder support.

    Outputs

    Prioritized business units based on GDPR risk

    GDPR Compliance RACI Chart

    2 Define Your GDPR Scope

    The Purpose

    Know the rationale behind a record of processing.

    Key Benefits Achieved

    Determine who will own the record of processing.

    Activities

    2.1 Understand the necessity for a record of processing.

    2.2 Determine for each prioritized business unit: are you a controller or processor?

    2.3 Develop a record of processing for most-critical business units.

    2.4 Perform legitimate interest assessments.

    2.5 Document an iterative process for creating a record of processing.

    Outputs

    Initial record of processing: 1-2 activities

    Initial legitimate interest assessment: 1-2 activities

    Determination of who will own the record of processing

    3 Satisfy Documentation Requirements and Align With Your Data Breach Requirements and Security Program

    The Purpose

    Review existing security controls and highlight potential requirements.

    Key Benefits Achieved

    Ensure the initiatives you’ll be working on align with existing controls and future goals.

    Activities

    3.1 Determine the appetite to align the GDPR project to data classification and data discovery.

    3.2 Discuss the benefits of data discovery and classification.

    3.3 Review existing incident response plans and highlight gaps.

    3.4 Review existing security controls and highlight potential requirements.

    3.5 Review all initiatives highlighted during days 1-3.

    Outputs

    Highlighted gaps in current incident response and security program controls

    Documented all future initiatives

    4 Prioritize GDPR Initiatives

    The Purpose

    Review project plan and initiatives and prioritize.

    Key Benefits Achieved

    Finalize outputs of the workshop, with a strong understanding of next steps.

    Activities

    4.1 Analyze the necessity for a data protection officer and document decision.

    4.2 Review project plan and initiatives.

    4.3 Prioritize all current initiatives based on regulatory compliance, cost, and ease to implement.

    4.4 Develop a data protection policy.

    4.5 Finalize key deliverables created during the workshop.

    4.6 Present the GDPR project to key stakeholders.

    4.7 Workshop executive presentation and debrief.

    Outputs

    GDPR framework and prioritized initiatives

    Data Protection Policy

    List of key tools

    Communication plans

    Workshop summary documentation

    Implement a Social Media Program

    • Buy Link or Shortcode: {j2store}560|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Marketing Solutions
    • Parent Category Link: /marketing-solutions
    • IT is being caught in the middle of various business units, all separately attempting to create, staff, implement, and instrument a social media program.
    • Requests for procuring social media tools and integrating with CRM systems are coming from all directions, with no central authority governing a social media program or coordinating business goals.
    • Public Relations and Corporate Communications groups have been acting as the first level of response to social media channels since the company’s first Twitter account went live, but the volume of inquiries received through social channels has become too great for these groups to continue in a first responder role.

    Our Advice

    Critical Insight

    • Social media immaturity is an opportunity for IT leadership. As with so many of the “next new things,” IT has an opportunity to help the business understand social media technologies, trends, and risks, and coordinate efforts to approach social media as a united company.
    • Social media maturity must reach the Social Media Steering Committee stage before major investments in technology can proceed. As with all business initiatives, technology automation decisions cannot be made without respect to organizational and process maturity. Social media strategy stakeholders must join together and form a steering committee to create policies and procedures, govern strategy, develop workflows, and facilitate technology selection processes. IT not only belongs on such a steering committee, but it can also be instrumental in the formation of it.
    • Info-Tech’s research repeatedly indicates that the greatest return from social media investments is in the customer service domain, by reacting to incoming social inquiries and proactively listening to social conversations for product and service inquiry opportunities. This means CRM integration is essential to long-term social media program success.

    Impact and Result

    • Assess your organization’s social maturity to know where to begin and where to go in implementation of a social media program.
    • Form a social media steering committee to bring order to chaos among different business units.
    • Develop comprehensive workflows to categorize and prioritize inquiries, and then route them to the appropriate part of the business for resolution.
    • Consider creating one or more physical social media command centers to process large volumes of social inquiries more efficiently and monitor real-time social media metrics to improve critical response times.

    Implement a Social Media Program Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Assess your organization's social maturity

    Know where to begin and where to go in implementation of a social media program.

    • Storyboard: Implement a Social Media Program
    • Social Media Maturity Assessment Tool

    2. Form a social media steering committee

    Bring order to chaos among different business units.

    • Social Media Steering Committee Charter Template
    • Social Media Acceptable Use Policy
    • Blogging and Microblogging Guidelines Template

    3. Consider creating one or more physical social media command centers

    Process large volumes of social inquiries more efficiently, and monitor real-time social media metrics to improve critical response times.

    • Social Media Representative
    • Social Media Manager
    [infographic]

    Cost-Optimize Your Security Budget

    • Buy Link or Shortcode: {j2store}250|cart{/j2store}
    • member rating overall impact (scale of 10): 9.0/10 Overall Impact
    • member rating average dollars saved: $2,078 Average $ Saved
    • member rating average days saved: 2 Average Days Saved
    • Parent Category Name: Security Strategy & Budgeting
    • Parent Category Link: /security-strategy-and-budgeting
    • The security budget has been slashed and the team needs to do more with less.
    • Mitigating risk is still the top priority, only now we need to reassess effectiveness and efficiency to ensure we are getting the greatest level of protection for the least amount of money.

    Our Advice

    Critical Insight

    A cost-optimized security budget is one that has the greatest impact on risk for the least amount of money spent.

    Impact and Result

    • Focus on business needs and related risks. Review the risk-reduction efficacy of your people, processes, and technology and justify what can be cut and what must stay.
    • Info-Tech will guide you through this process, and by the end of this blueprint you will have a cost-optimized security budget and an executive presentation to explain your revised spending.

    Cost-Optimize Your Security Budget Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should cost-optimize your security budget, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Cost-optimize your technology and managed services

    This phase will help you assess the efficacy of your current technology and service providers.

    • Threat and Risk Assessment Tool
    • In-House vs. Outsourcing Decision-Making Tool

    2. Cost-optimize your staffing

    This phase will help you assess if layoffs are necessary.

    • Security Employee Layoff Selection Tool

    3. Cost-optimize your security strategy

    This phase will help you revise the pending process-based initiatives in your security strategy.

    • Security Cost Optimization Workbook
    • Security Cost Optimization Executive Presentation
    [infographic]

    Get Started With IT Project Portfolio Management

    • Buy Link or Shortcode: {j2store}443|cart{/j2store}
    • member rating overall impact (scale of 10): 10.0/10 Overall Impact
    • member rating average dollars saved: $7,599 Average $ Saved
    • member rating average days saved: 46 Average Days Saved
    • Parent Category Name: Portfolio Management
    • Parent Category Link: /portfolio-management
    • Most companies are struggling to get their project work done. This is due in part to the fact that many prescribed remedies are confusing, disruptive, costly, or ineffective.
    • While struggling to find a solution, within the organization, project requests never stop and all projects continue to all be treated the same. Resources are requested for multiple projects without any visibility into their project capacity. Projects lack proper handoffs from closure to ongoing operational work. And the benefits are never tracked.
    • If you have too many projects, limited resources, ineffective communications, or low post-project adoption, keep reading. Perhaps you should spend a bit more on project, portfolio, and organizational change management.

    Our Advice

    Critical Insight

    • Successful project outcomes are not built by rigorous project processes: Projects may be the problem, but project management rigor is not the solution.
    • Don’t fall into the common trap of thinking high-rigor project management should be every organization’s end goal.
    • Instead, understand that it is better to spend time assessing the portfolio to determine what projects should be prioritized.

    Impact and Result

    Begin by establishing a few foundational practices that will work to drive project throughput.

    • Capacity Estimation: Understand what your capacity is to do projects by determining how much time is allocated to doing other things.
    • Book of Record: Establish a basic but sustainable book of record so there is an official list of projects in flight and those waiting in a backlog or funnel.
    • Simple Project Management Processes: Align the rigor of your project management process with what is required, not what is prescribed by the PMP designation.
    • Impact Assessment: Address the impact of change at the beginning of the project and prepare stakeholders with the right level of communication.

    Get Started With IT Project Portfolio Management Research & Tools

    Start here – read the Executive Brief

    Begin by establishing a few foundational practices that will work to drive project throughput. Most project management problems are resolved with portfolio level solutions. This blueprint will address the eco-system of project, portfolio, and organizational change management.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Project portfolio management

    Estimate project capacity, determine what needs to be tracked on an ongoing basis, and determine what criteria is necessary for prioritizing projects.

    • Project Portfolio Supply-Demand Analysis Tool
    • Project Value Scorecard Development Tool
    • Project Portfolio Book of Record

    2. Project management

    Develop a process to inform the portfolio of the project status, create a plan that can be maintained throughout the project lifecycle, and manage the scope through a change request process.

    • Light Project Change Request Form Template

    3. Organizational change management

    Perform a change impact assessment and identify the obvious and non-obvious stakeholders to develop a message canvas accordingly.

    • Organizational Change Management Triage Tool

    4. Develop an action plan

    Develop a roadmap for how to move from the current state to the target state.

    • PPM Wireframe
    • Project Portfolio Management Foundations Stakeholder Communication Deck
    [infographic]

    Workshop: Get Started With IT Project Portfolio Management

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Project Portfolio Management

    The Purpose

    Establish the current state of the portfolio.

    Organize the portfolio requirements.

    Determine how projects are prioritized.

    Key Benefits Achieved

    Understand project capacity supply-demand.

    Build a portfolio book of record.

    Create a project value scorecard.

    Activities

    1.1 Conduct capacity supply-demand estimation.

    1.2 Determine requirements for portfolio book of record.

    1.3 Develop project value criteria.

    Outputs

    Clear project capacity

    Draft portfolio book of record

    Project value scorecard

    2 Project Management

    The Purpose

    Feed the portfolio with the project status.

    Plan the project work with a sustainable level of granularity.

    Manage the project as conditions change.

    Key Benefits Achieved

    Develop a process to inform the portfolio of the project status.

    Create a plan that can be maintained throughout the project lifecycle and manage the scope through a change request process.

    Activities

    2.1 Determine necessary reporting metrics.

    2.2 Create a work structure breakdown.

    2.3 Document your project change request process.

    Outputs

    Feed the portfolio with the project status

    Plan the project work with a sustainable level of granularity

    Manage the project as conditions change

    3 Organizational Change Management

    The Purpose

    Discuss change accountability.

    Complete a change impact assessment.

    Create a communication plan for stakeholders.

    Key Benefits Achieved

    Complete a change impact assessment.

    Identify the obvious and non-obvious stakeholders and develop a message canvas accordingly.

    Activities

    3.1 Discuss change accountability.

    3.2 Complete a change impact assessment.

    3.3 Create a communication plan for stakeholders.

    Outputs

    Assign accountability for the change

    Assess the change impact

    Communicate the change

    4 Develop an Action Plan

    The Purpose

    Summarize current state.

    Determine target state.

    Create a roadmap.

    Key Benefits Achieved

    Develop a roadmap for how to move from the current state to the target state.

    Activities

    4.1 Summarize current state and target state.

    4.2 Create a roadmap.

    Outputs

    Stakeholder Communication Deck

    MS Project Wireframe

    Info-Tech Quarterly Research Agenda Outcomes Q2-Q3 2023

    • Buy Link or Shortcode: {j2store}297|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: IT Strategy
    • Parent Category Link: /it-strategy

    At Info-Tech, we take pride in our research and have established the most rigorous publication standards in the industry. However, we understand that engaging with all our analysts to gauge the future may not always be possible. Hence, we have curated some compelling recently published research along with forthcoming research insights to assist you in navigating the next quarter.

    Our Advice

    Critical Insight

    We offer a quarterly Research Agenda Outcomes deck that thoroughly summarizes our recently published research, supplying decision makers with valuable insights and best practices to make informed and effective decisions. Our research is supported by our team of seasoned analysts with decades of experience in the IT industry.

    By leveraging our research, you can stay updated with the latest trends and technologies, giving you an edge over the competition and ensuring the optimal performance of your IT department. This way, you can make confident decisions that lead to remarkable success and improved outcomes.

    Impact and Result

    • Enhance preparedness for future market trends and developments: Keep up to date with the newest trends and advancements in the IT sector to be better prepared for the future.
    • Enhance your decision making: Acquire valuable information and insights to make better-informed, confident decisions.
    • Promote innovation: Foster creativity, explore novel perspectives, drive innovation, and create new products or services.

    Info-Tech Quarterly Research Agenda Outcomes Q2/Q3 2023 Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Info-Tech Quarterly Research Agenda Q3 2023 Deck – An overview of our Research Agenda Outcome for Q2 and Q3 of 2023.

    A guide to our top research published to date for 2023 (Q2/Q3).

    • Info-Tech Quarterly Research Agenda Outcomes for Q2/Q3 2023
    [infographic]

    Further reading

    Featured Research Projects 2023 (Q2/Q3)

    “Here are my selections for the top research projects of the last quarter.”

    Photo of Gord Harrison, Head of Research & Advisory, Info-Tech Research Group.

    Gord Harrison
    Head of Research & Advisory
    Info-Tech Research Group

    CIO

    01
    Build Your Generative AI Roadmap

    Generative AI is here, and it's time to find its best uses – systematically and responsibly.

    02
    CIO Priorities 2023

    Engage cross-functional leadership to seize opportunity while protecting the organization from volatility.

    03
    Build an IT Risk Taxonomy

    If integrated risk is your destination, your IT risk taxonomy is the road to get you there.

    04
    Navigate the Digital ID Ecosystem to Enhance Customer Experience

    Beyond the hype: How it can help you become more customer-focused?

    05
    Effective IT Communications

    Generative AI is here, and it's time to find its best uses – systematically and responsibly.

    06
    Develop a Targeted Flexible Work Program for IT

    Select flexible work options that balance organizational and employee needs to drive engagement and improve attraction and retention.

    07
    Effectively Manage CxO Relations

    Make relationship management a daily habit with a personalized action plan.

    08
    Establish High-Value IT Performance Dashboards and Metrics

    Spend less time struggling with visuals and more time communicating about what matters to your executives.

    Applications

    09
    Build Your Enterprise Application Implementation Playbook

    Your implementation doesn't start with technology but with an effective plan that the team can align on.

    10
    Develop Your Value-First Business Process Automation Strategy

    As you scale your business automations, focus on what matters most.

    11
    Manage Requirements in an Agile Environment

    Agile and requirements management are complementary, not competitors.

    Security

    12
    Assess Your Cybersecurity Insurance Policy

    Adapt to changes in the cyber insurance market.

    13
    Design and Implement a Business-Aligned Security Program

    Focus first on business value.

    Infrastructure & Operations

    14
    Automate IT Asset Data Collection

    Acquire and use discovery tools wisely to populate, update, and validate the data in your ITAM database.

    Industry | Retail

    15
    Leveraging AI to Create Meaningful Insights and Visibility in Retail

    AI prominence across the enterprise value chain.

    Industry | Education

    16
    Understand the Implications of Generative AI in Education

    Bans aren't the answer, but what is?

    Industry | Wholesale

    17
    Wholesale Industry Business Reference Architecture

    Business capability maps, value streams, and strategy maps for the wholesale industry.

    Industry | Retail Banking

    18
    Mainframe Modernization for Retail Banking

    A strategy for modernizing mainframe systems to meet the needs of modern retail banking.

    Industry | Utilities

    19
    Data Analytics Use Cases for Utilities

    Building upon the collective wisdom for the art of the possible.

    Build Your Generative AI Roadmap

    Generative AI is here, and it's time to find its best uses – systematically and responsibly.

    CIO
    Strategy & Governance

    Photo of Bill Wong, Principal Research Director, Info-Tech Research Group.

    Bill Wong
    Principal Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Build Your Generative AI Roadmap' research.

    Sample of the 'Build Your Generative AI Roadmap' research.

    Logo for Info-Tech.

    CIO Priorities 2023

    Engage cross-functional leadership to seize opportunity while protecting the organization from volatility.

    CIO
    Strategy & Governance

    Photo of Brian Jackson, Principal Research Director, Info-Tech Research Group.

    Brian Jackson
    Principal Research Director

    Download this report or book an analyst call on this topic

    Sample of the 'CIO Priorities 2023' report.

    Sample of the 'CIO Priorities 2023' report.

    Logo for Info-Tech.

    Build an IT Risk Taxonomy

    If integrated risk is your destination, your IT risk taxonomy is the road to get you there.

    CIO
    Strategy & Governance

    Photo of Donna Bales, Principal Research Director, Info-Tech Research Group.

    Donna Bales
    Principal Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Build an IT Risk Taxonomy' research.

    Sample of the 'Build an IT Risk Taxonomy' research.

    Logo for Info-Tech.

    Navigate the Digital ID Ecosystem to Enhance Customer Experience

    Beyond the hype: How it can help you become more customer-focused?

    CIO
    Strategy & Governance

    Photo of Manish Jain, Principal Research Director, Info-Tech Research Group.

    Manish Jain
    Principal Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Navigate the Digital ID Ecosystem to Enhance Customer Experience' research.

    Sample of the 'Navigate the Digital ID Ecosystem to Enhance Customer Experience' research.

    Logo for Info-Tech.

    Effective IT Communications

    Empower IT employees to communicate well with any stakeholder across the organization.

    CIO
    People & Leadership

    Photo of Brittany Lutes, Research Director, Info-Tech Research Group.

    Brittany Lutes
    Research Director

    Photo of Diana MacPherson, Senior Research Analyst, Info-Tech Research Group.

    Diana MacPherson
    Senior Research Analyst

    Download this research or book an analyst call on this topic

    Effective IT Communications' research.

    Sample of the 'Effective IT Communications' research.

    Logo for Info-Tech.

    Develop a Targeted Flexible Work Program for IT

    Select flexible work options that balance organizational and employee needs to drive engagement and improve attraction and retention.

    CIO
    People & Leadership

    Photo of Jane Kouptsova, Research Director, Info-Tech Research Group.

    Jane Kouptsova
    Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Develop a Targeted Flexible Work Program for IT' research.

    Sample of the 'Develop a Targeted Flexible Work Program for IT' research.

    Logo for Info-Tech.

    Effectively Manage CxO Relations

    Make relationship management a daily habit with a personalized action plan.

    CIO
    Value & Performance

    Photo of Mike Tweedle, Practice Lead, Info-Tech Research Group.

    Mike Tweedle
    Practice Lead

    Download this research or book an analyst call on this topic

    Sample of the 'Effectively Manage CxO Relations' research.

    Sample of the 'Effectively Manage CxO Relations' research.

    Logo for Info-Tech.

    Establish High-Value IT Performance Dashboards and Metrics

    Spend less time struggling with visuals and more time communicating about what matters to your executives.

    CIO
    Value & Performance

    Photo of Diana MacPherson, Senior Research Analyst, Info-Tech Research Group.

    Diana MacPherson
    Senior Research Analyst

    Download this research or book an analyst call on this topic

    Sample of the 'Establish High-Value IT Performance Dashboards and Metrics' research.

    Sample of the 'Establish High-Value IT Performance Dashboards and Metrics' research.

    Logo for Info-Tech.

    Build Your Enterprise Application Implementation Playbook

    Your implementation doesn't start with technology but with an effective plan that the team can align on.

    Applications
    Business Processes

    Photo of Ricardo de Oliveira, Research Director, Info-Tech Research Group.

    Ricardo de Oliveira
    Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Build Your Enterprise Application Implementation Playbook' research.

    Sample of the 'Build Your Enterprise Application Implementation Playbook' research.

    Logo for Info-Tech.

    Develop Your Value-First Business Process Automation Strategy

    As you scale your business automations, focus on what matters most.

    Applications
    Business Processes

    Photo of Andrew Kum-Seun, Research Director, Info-Tech Research Group.

    Andrew Kum-Seun
    Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Develop Your Value-First Business Process Automation Strategy' research.

    Sample of the 'Develop Your Value-First Business Process Automation Strategy' research.

    Logo for Info-Tech.

    Manage Requirements in an Agile Environment

    Agile and requirements management are complementary, not competitors.

    Applications
    Application Development

    Photo of Vincent Mirabelli, Principal Research Director, Info-Tech Research Group.

    Vincent Mirabelli
    Principal Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Manage Requirements in an Agile Environment' research.

    Sample of the 'Manage Requirements in an Agile Environment' research.

    Logo for Info-Tech.

    Assess Your Cybersecurity Insurance Policy

    Adapt to changes in the cyber insurance market.

    Security
    Security Risk, Strategy & Governance

    Photo of Logan Rohde, Senior Research Analyst, Info-Tech Research Group.

    Logan Rohde
    Senior Research Analyst

    Download this research or book an analyst call on this topic

    Sample of the 'Assess Your Cybersecurity Insurance Policy' research.

    Sample of the 'Assess Your Cybersecurity Insurance Policy' research.

    Logo for Info-Tech.

    Design and Implement a Business-Aligned Security Program

    Focus first on business value.

    Security
    Security Risk, Strategy & Governance

    Photo of Michel Hébert, Research Director, Info-Tech Research Group.

    Michel Hébert
    Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Design and Implement a Business-Aligned Security Program' research.

    Sample of the 'Design and Implement a Business-Aligned Security Program' research.

    Logo for Info-Tech.

    Automate IT Asset Data Collection

    Acquire and use discovery tools wisely to populate, update, and validate the data in your ITAM database.

    Infrastructure & Operations
    I&O Process Management

    Photo of Andrew Sharp, Research Director, Info-Tech Research Group.

    Andrew Sharp
    Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Automate IT Asset Data Collection' research.

    Sample of the 'Automate IT Asset Data Collection' research.

    Logo for Info-Tech.

    Leveraging AI to Create Meaningful Insights and Visibility in Retail

    AI prominence across the enterprise value chain.

    Industry Coverage
    Retail

    Photo of Rahul Jaiswal, Principal Research Director, Info-Tech Research Group.

    Rahul Jaiswal
    Principal Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Leveraging AI to Create Meaningful Insights and Visibility in Retail' research.

    Sample of the 'Leveraging AI to Create Meaningful Insights and Visibility in Retail' research.

    Logo for Info-Tech.

    Understand the Implications of Generative AI in Education

    Bans aren't the answer, but what is?

    Industry Coverage
    Education

    Photo of Mark Maby, Research Director, Info-Tech Research Group.

    Mark Maby
    Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Understand the Implications of Generative AI in Education' research.

    Sample of the 'Understand the Implications of Generative AI in Education' research.

    Logo for Info-Tech.

    Wholesale Industry Business Reference Architecture

    Business capability maps, value streams, and strategy maps for the wholesale industry.

    Industry Coverage
    Wholesale

    Photo of Rahul Jaiswal, Principal Research Director, Info-Tech Research Group.

    Rahul Jaiswal
    Principal Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Wholesale Industry Business Reference Architecture' research.

    Sample of the 'Wholesale Industry Business Reference Architecture' research.

    Logo for Info-Tech.

    Mainframe Modernization for Retail Banking

    A strategy for modernizing mainframe systems to meet the needs of modern retail banking.

    Industry Coverage
    Retail Banking

    Photo of David Tomljenovic, Principal Research Director, Info-Tech Research Group.

    David Tomljenovic
    Principal Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Mainframe Modernization for Retail Banking' research.

    Sample of the 'Mainframe Modernization for Retail Banking' research.

    Logo for Info-Tech.

    Data Analytics Use Cases for Utilities

    Building upon the collective wisdom for the art of the possible.

    Industry Coverage
    Utilities

    Photo of Jing Wu, Principal Research Director, Info-Tech Research Group.

    Jing Wu
    Principal Research Director

    Download this research or book an analyst call on this topic

    Sample of the 'Data Analytics Use Cases for Utilities' research.

    Sample of the 'Data Analytics Use Cases for Utilities' research.

    Sneak Peaks: Research coming in next quarter!

    “Next quarter we have a big lineup of reports and some great new research!”

    Photo of Gord Harrison, Head of Research & Advisory, Info-Tech Research Group.

    Gord Harrison
    Head of Research & Advisory
    Info-Tech Research Group

    1. Build MLOps and Engineering for AI and ML

      Enabling you to develop your Engineering and ML Operations to support your current & planned use cases for AI and ML.
    2. Leverage Gen AI to Improve Your Test Automation Strategy

      Enabling you to embed Gen AI to assist your team during testing broader than Gen AI compiling code.
    3. Make Your IT Financial Data Accessible, Reliable, and Usable

      This project will provide a recipe for bringing IT's financial data to a usable state through a series of discovery, standardization, and policy-setting actions.
    4. Implement Integrated AI Governance

      Enabling you to implement best-practice governance principles when implementing Gen AI.
    5. Develop Exponential IT Capabilities

      Enabling you to understand and develop your strategic Exponential IT capabilities.
    6. Build Your AI Strategy and Roadmap

      This project will provide step-by-step guidance in development of your AI strategy with an AI strategy exemplar.
    7. Priorities for Data Leaders in 2024 and Beyond

      This report will detail the top five challenges expected in the upcoming year and how you as the CDAO can tackle them.
    8. Deploy AIOps More Effectively

      This research is designed to assess the process maturity of your IT operations and help identify pain pains and opportunities for AI deployment within your IT operations.
    9. Design Your Edge Computing Architecture

      This research will provide deployment guidelines and roadmap to address your edge computing needs.
    10. Manage Change in the AI-Enabled Enterprise

      Managing change is complex with the disruptive nature of emerging tech like AI. This research will assist you from an organizational change perspective.
    11. Assess the Security and Privacy Impacts of Your AI Vendors

      This research will allow you to enhance transparency, improve risk management, and ensure the security and privacy of data when working with AI vendors.
    12. Prepare Your Board for AI Disruption

      This research will arm you with tools to educate your board on the impact of Gen AI, addressing the potential risks and the potential benefits.

    Info-Tech Research Leadership Team

    “We have a world-class team of experts focused on providing practical, cutting-edge IT research and advice.”

    Photo of Gord Harrison, Head of Research & Advisory, Info-Tech Research Group.

    Gord Harrison
    Head of Research & Advisory
    Info-Tech Research Group

    Photo of Jack Hakimian, Senior Vice President, Research Development, Info-Tech Research Group.

    Jack Hakimian
    Senior Vice President
    Research Development

    Photo of Aaron Shum, Vice President, Security & Privacy Research, Info-Tech Research Group.

    Aaron Shum
    Vice President
    Security & Privacy Research

    Photo of Larry Fretz, Vice President, Industry Research, Info-Tech Research Group.

    Larry Fretz
    Vice President
    Industry Research

    Photo of Mark Tauschek, Vice President, Research Fellowships, Info-Tech Research Group.

    Mark Tauschek
    Vice President
    Research Fellowships

    Photo of Tom Zehren, Chief Product Officer, Info-Tech Research Group.

    Tom Zehren
    Chief Product Officer

    Photo of Rick Pittman, Vice President, Advisory Quality & Delivery, Info-Tech Research Group.

    Rick Pittman
    Vice President
    Advisory Quality & Delivery

    Photo of Nora Fisher, Vice President, Shared Services, Info-Tech Research Group.

    Nora Fisher
    Vice President
    Shared Services

    Photo of Becca Mackey, Vice President, Workshops, Info-Tech Research Group.

    Becca Mackey
    Vice President
    Workshops

    Photo of Geoff Nielson, Senior Vice President, Global Services & Delivery, Info-Tech Research Group.

    Geoff Nielson
    Senior Vice President
    Global Services & Delivery

    Photo of Brett Rugroden, Senior Vice President, Global Market Programs, Info-Tech Research Group.

    Brett Rugroden
    Senior Vice President
    Global Market Programs

    Photo of Hannes Scheidegger, Senior Vice President, Global Public Sector, Info-Tech Research Group.

    Hannes Scheidegger
    Senior Vice President
    Global Public Sector

    About Info-Tech Research Group

    Info-Tech Research Group produces unbiased and highly relevant research to help leaders make strategic, timely, and well-informed decisions. We partner closely with your teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for the organization.

    Sample of the IT Management & Governance Framework.

    Drive Measurable Results

    Our world-class leadership team is continually focused on building disruptive research and products that drive measurable results and save money.

    Info-Tech logo.

    Better Research Than Anyone

    Our team of experts is composed of the optimal mix of former CIOs, CISOs, PMOs, and other IT leaders and IT and management consultants as well as academic researchers and statisticians.

    Dramatically Outperform Your Peers

    Leverage Industry Best Practices

    We enable over 30,000 members to share their insights and best practices that you can use by having direct access to over 100 analysts as an extension of your team.

    Become an Info-Tech influencer:

    • Help shape our research by talking with our analysts.
    • Discuss the challenges, insights, and opportunities in your chosen areas.
    • Suggest new topic ideas for upcoming research cycles.

    Contact
    Jack Hakimian
    jhakimian@infotech.com

    We interview hundreds of experts and practitioners to help ensure our research is practical and focused on key member challenges.

    Why participate in expert interviews?

    • Discuss market trends and stay up to date.
    • Influence Info-Tech's research direction with your practical experience.
    • Preview our analysts' perspectives and preliminary research.
    • Build on your reputation as a thought leader and research contributor.
    • See your topic idea transformed into practical research.

    Thank you!

    Join us at our webinars to discuss more topics.

    For information on Info-Tech's products and services and to participate in our research process, please contact:

    Jack Hakimian
    jhakimian@infotech.com

    IT Talent Trends 2022

    • Buy Link or Shortcode: {j2store}541|cart{/j2store}
    • member rating overall impact (scale of 10): 8.0/10 Overall Impact
    • member rating average dollars saved: After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.
    • member rating average days saved: Read what our members are saying
    • Parent Category Name: People & Leadership
    • Parent Category Link: /people-and-leadership

    Business and IT leaders aiming to build and keep successful teams in 2022 must:

    • Optimize IT in the face of a competitive labor market.
    • Build or maintain a culture of diversity, equity, and inclusion.
    • Manage the monumental shift to the new normal of remote work.
    • Weather the Great Resignation and come out on top.
    • Correctly assess development areas for their teams.
    • Justify investing in IT talent.

    Our Advice

    Critical Insight

    • If 2021 was about beginning to act on employee needs, 2022 will be about strategically examining each trend to ensure that the organization's promises to take action are more than lip service.
    • Employees have always been able to see through disingenuous attempts to engage them, but in 2022 the stakes are higher due to increased talent mobility.

    Impact and Result

    This report includes:

    • A concise, executive-ready trend report.
    • Data and insights from IT organizations from around the world.
    • Steps to take for each of the trends depending on your current maturity level.
    • Examples and case studies.
    • Links to in-depth Info-Tech research and tools.

    IT Talent Trends 2022 Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. IT Talent Trends Report for 2022 – A report to help you incorporate new ways of working into your business to build and keep the best team.

    Discover Info-Tech’s 2022 talent trends for IT leaders, which will provide insight into taking a strategic approach to navigate the post-pandemic IT talent landscape.

    • IT Talent Trends Report for 2022

    Infographic

    Further reading

    IT Talent Trends 2022

    The last two years have been a great experiment … but it’s not over yet.

    Incorporate new ways of working into your business to build and keep the best team.

    Over the past two years, organizations have ventured into unprecedented ways of working and supporting their employees, as they tried to maintain productivity through the pandemic. This experiment has made lasting changes to both business models and employee expectations, and these effects will continue to be seen long after we return to a “new normal.”

    While the pandemic forced us to work differently for the past two years, looking forward, successful organizations will incorporate new ways of working into their business models – beyond simply having a remote work policy.

    How we work, source roles, and develop talent continue to evolve as we navigate a different world with employees being more vocal in their desires, and leaders continue to play a key role.

    The IT talent market will never be the same, and organizations must reevaluate their employee experience from the bottom up to successfully weather the shift to the new normal.

    IT Talent Trends 2022

    Strategic Recruiting Finds Good Talent

    Finding talent in a strained talent market requires a marketing approach. Posting a job description isn’t enough.

    The (Not So) Great Resignation

    IT is faring better than other functions; however, specific industries need to pay attention.

    Grow Your DEI Practices Into Meaningful Actions

    Good intentions are not enough.

    Remote Work Is Here – Can Your Culture Adapt?

    The Great Experiment is over. Are leaders equipped to capitalize on its promises?

    Management Skills Drive Success in a Remote World

    Despite the need for remote team management training, it is still not happening.

    The pandemic has clarified employees’ needs and amplified their voices

    If 2021 was about beginning to act on employee needs, 2022 will be about strategically examining each trend to ensure that the actions taken by the organization are more than lip service.

    Employees have always been able to see through disingenuous attempts to engage them, but in 2022 the stakes are higher due to increased talent mobility.

    Trends that were just starting to come into focus last year have established themselves as critical determinants of the employee experience in 2022.

    2021

    DEI: A Top Talent ObjectiveRemote Work Is Here to StayUncertainty Unlocks PerformanceA Shift in Skills PrioritiesA Greater Emphasis on Wellbeing
    Arrow pointing down.Joiner pointing down.Joiner pointing down.

    2022

    Strategic Recruiting Finds Good Talent

    Finding talent in a strained talent market requires a marketing approach. Posting a job description isn’t enough.

    The (Not So) Great Resignation

    IT is faring better than other functions; however, specific industries need to pay attention.

    Grow Your DEI Practices Into Meaningful Actions

    Good intentions are not enough.

    Remote Work Is Here – Can Your Culture Adapt?

    The Great Experiment is over. Are leaders equipped to capitalize on its promises?

    Management Skills Drive Success in a Remote World

    Despite the need for remote team management training, it is still not happening.

    What employees are looking for is changing

    Superficial elements of traditional office culture were stripped away by the quick shift to a remote environment, giving employees the opportunity to reevaluate what truly matters to them in a job.

    The biggest change from 2019 (pre-pandemic) to today is increases in the importance of culture, flexible/remote work, and work-life balance.

    Organizations that fail to keep up with this shift in priorities will see the greatest difficulty in hiring and retaining staff.

    As an employee, which of the following would be important to you when considering a potential employer?

    2019 2021
    Flexible Work Pie graph representing response percentages from employees regarding importance of these factors. Flexible Work: 2019, Very 46%, Somewhat 49%, Not at All 5%.
    n=275
    Arrow pointing right. Pie graph representing response percentages from employees regarding importance of these factors. Flexible Work: 2021, Very 76%, Somewhat 21%, Not at All 2%.
    n=206
    Work-Life Balance Pie graph representing response percentages from employees regarding importance of these factors. Work-Life Balance: 2019, Very 67%, Somewhat 30%, Not at All 3%.
    n=277
    Arrow pointing right. Pie graph representing response percentages from employees regarding importance of these factors. Work-Life Balance: 2021, Very 80%, Somewhat 18%, Not at All 1%.
    n=206
    Culture Pie graph representing response percentages from employees regarding importance of these factors. Culture: 2019, Very 68%, Somewhat 31%, Not at All 1%.
    n=277
    Arrow pointing right. Pie graph representing response percentages from employees regarding importance of these factors. Culture: 2021, Very 81%, Somewhat 19%, Not at All 0%.
    n=206
    Source: Info-Tech Talent Trends Survey data collected in 2019 and 2021 Purple Very Important
    Blue Somewhat Important
    Green Not at All Important

    IT’s top talent priorities in 2022

    IT’s top Talent priorities reflect a post-pandemic focus on optimizing talent to fulfill strategic objectives: Top challenges for IT departments, by average rank, with 1 being the top priority.

    Important

    In the 2022 IT Talent Trends Survey, IT departments’ top priorities continue to be learning and innovation in support of organizational objectives. —› Enabling leaning and development within IT
    —› Enabling departmental innovation
    5.01
    5.54
    With employees being clearer and more vocal about their needs than ever before, employee experience has risen to the forefront of IT’s concern as a key enabler of strategic objectives. —› Providing a great employee experience for IT 5.66
    Supporting departmental change 6.01
    With organizations finally on the way to financial stability post pandemic, recruiting is a major focus. —› Recruiting (e.g. quickly filling vacant roles in IT with quality external talent) 6.18
    However, IT’s key efforts are threatened by critical omissions: Fostering a positive employee relations climate in the department 6.32
    Despite a focus on learning and development, leadership skills are not yet a top focus. —› Developing the organization's IT leaders 6.33
    Rapidly moving internal IT employees to staff strategic priorities 6.96
    Facilitating data-driven people decisions within IT 7.12
    Controlling departmental labor costs and maximizing the value of the labor spend 7.13
    Despite the need to provide a great employee experience, the focus on diversity, equity, and inclusion is low. —› Fostering an environment of diversity, equity, and inclusion in the department 7.31
    Despite prioritizing recruiting, IT departments see candidate experience as a last priority, either not focusing on it or relegating it to HR. —› Providing a great candidate experience for IT candidates 8.43
    (n=227)

    IT Talent Trends 2022

    Look beneath the surface of the trends to navigate them successfully

    Above Ground
    Focusing on what you see 'Above the line" won't solve the problem.

    Talent isn't a checklist.

    Strategic Recruiting Finds Good Talent

    Finding talent in a strained talent market requires a marketing approach. Posting a job description isn't enough.
    • The number of job openings increased to 11.4 million on the last business day of October, up from 10.6 million in September (US Bureau of Labor Statistics, Dec. 2021)

    The (Not So) Great Resignation

    IT is faring better than other functions; however, specific industries need to pay attention.
    • In September, in the US, 4.4 million people left their jobs. That number dropped to 4.2 million in October. (US Labor Stats, Dec. 2021)
    • 30% of workers will likely switch jobs if they have to return to the office full time. (McKinsey, Dec. 2021)

    Grow Your DEI Practices Into Meaningful Actions

    Good intentions are not enough.
    • 95% of organizations are focusing on DEI. (2022 HR Trends Report)
    • 48% of IT departments have delivered training on DEI over the past year.

    Remote Work is Here. Can Your Culture Adapt?

    The Great Experiment is over. Are you equipped to capitalize on its promises?
    • 85% of organizations saw the same or higher productivity during the pandemic.
    • 91% of organizations are continuing remote work.

    Management Skills Drive Success in a Remote World

    Despite the need for remote team management training, it is still not happening.
    • 72% of IT departments report high effectiveness at managing remote staff.
    • Learning and development is IT's top priority.
    Cross-section of the Earth and various plants with their root systems, highlighting the world above ground and below.
    Beneath the Surface
    For each trend, a strategic approach to get "under the line" will help form your response.

    Talent needs a holistic approach, as under the line everything is connected. If you are experiencing challenges in one area, analyzing data (e.g. engagement, exit surveys, effectiveness of DEI program and leader training) can help drive overall experience.

    • 100% of job seekers cite culture as somewhat to very important.
    • Only 40% of employers advertise culture in job postings.
    • 70% of IT departments state voluntary turnover is less than 10%
    • Top reasons for resignation are salary, development, and opportunity for innovative work.
    • Resignation rates were higher in fields that had experienced extreme stress due to the pandemic (HBR, Dec. 2021)
    • Senior leadership is overestimating their own commitment to DEI.
    • Most IT departments are not driving their own DEI initiatives.
    • Without effectively measuring DEI practices, organizations will see 1.6x more turnover. (2022 HR Trends Report)
    • Senior leadership is not open to remote work in 23% of organizations.
    • Without leadership support, employees will not buy into remote work initiatives.
    • A remote work policy will not bring organizational benefits without employee buy-in.
    • 75% of senior managers believe remote team management is highly effective, but only 60% of frontline staff agree.
    • Training focuses on technical skills, to the exclusion of soft skills, including management and leadership.
    Solutions
    Recommendations depending on your department's maturity level.
    Attention is required for candidate experience underpinned by a realistic employee value proposition. Gather and review existing data (e.g. early retirements, demographics) to understand your turnover rate. Use employee engagement tools to gauge employee sentiment among impacted groups and build out an engagement strategy to meet those needs. Conduct a cultural assessment to reveal hidden biases that may stand in the way of remote work efficacy. Provide management training on performance management and development coaching.

    Logo for Info-Tech.Logo for ITRG.

    This report is based on organizations just like yours

    Survey timeline = October 2021
    Total respondents = 245 IT professionals

    Geospatial map of survey responses shaded in accordance with the percentages listed below.
    01 United States 45% 08 Middle East 2%
    02 Canada 23% 09 Other (Asia) 2%
    03 Africa 8% 10 Germany 1%
    04 Great Britain 6% 11 India 1%
    05 Latin America, South America or Caribbean 4% 12 Netherlands 1%
    06 Other (Europe) 4% 13 New Zealand 1%
    07 Australia 2% (N-245)

    A bar chart titled 'Please estimate your organization's revenue in US$ (Use operating budget if you are a public-sector organization)' measuring survey responses. '$0 - less than 1M, 7%', '$1M - less than 5M, 4%', '$5M - less than 10M, 4%', '$10M - less than 25M, 6%', '$25M - less than 50M, 5%', '$50M - less than 100M, 13%', '$100M - less than 500M, 24%', '$500M - less than 1B, 9%', '1B - less than 5B, 22%', '$5B+, 8%'. (n=191)

    This report is based on organizations just like yours

    Industry

    Bar chart measuring percentage of survey respondents by industry. The largest percentages are from 'Government', 'Manufacturing', 'Media, information, Telecom & Technology', and 'Financial Services (including banking & insurance)'.

    Info-Tech IT Maturity Model

    Stacked bar chart measuring percentage of survey respondents by IT maturity level. Innovator is 7.11%, Business Partner is 16.44%, Trusted Operator is 24.89%, Firefighter is 39.11%, and Unstable is 12.44%.
    (n=225)

    Innovator – Transforms the Business
    Reliable Technology Innovation

    Business Partner – Expands the Business
    Effective Execution Projects, Strategic Use of Analytics and Customer Technology

    Trusted Operator – Optimizes Business
    Effective Fulfillment of Work Orders, Functional Business Applications, and Reliable Data Quality

    Firefighter – Supports the Business
    Reliable Infrastructure and IT Service Desk

    Unstable – Struggles to Support
    Inability to Provide Reliable Business Services

    This report is based on people just like you

    Which of the following ethnicities (ethnicity refers to a group with a shared or common identity, culture, and/or language) do you identify with? Select all that apply. What gender do you identify most with?
    A pie chart measuring percentage of survey respondents by ethnicity. Answers are 'White (e.g. European, North America), 59%', 'Asian (e.g. Japan, India, Philippines, Uzbekistan), 12%', 'Black (e.g. Africa, Caribbean, North America), 12%', 'Latin/Hispanic (e.g. Cuba, Guatemala, Spain, Brazil), 7%', 'Middle Eastern (e.g. Lebanon, Libya, Iran), 4%', 'Indigenous (e.g. First Nations, Inuit, Metis, Maori), 3%', 'Indo-Caribbean (e.g. Trinidad & Tobago, Guyana, St. Vincent), 3%'.
    (N=245)
    A pie chart measuring percentage of survey respondents by gender. Answers are 'Male, 67%', 'Female, 24%', 'Prefer not to answer, 5%', 'No Specification, 4%', 'Intersex, 0%'.
    (n=228)

    This report is based on people just like you

    What is your sub-department of IT? Which title best describes your position?
    Bar chart measuring percentage of survey respondents by sub-department. The top three answers are 'Senior Leadership', 'Infrastructure and Operations', and 'Application Development'.
    (n=227)
    Bar chart measuring percentage of survey respondents by title. The top four answers are 'Director-level, 29%', 'Manager, 22%', 'C-Level Officer, 18%', and 'VP-level, 11%.'
    (N=245)

    IT Talent Trends 2022

    Each trend is introduced with key questions you can ask yourself to see how your department fares in that area.

    The report is based on statistics from a survey of 245 of your peers.

    It includes recommendations of next steps and a key metric to track your success.

    It lists Info-Tech resources that you, as a member, can leverage to begin your journey to improve talent management in your department.

    Strategic Recruiting Finds Good Talent

    Finding talent in a strained talent market requires a marketing approach. Posting a job description isn’t enough.

    The (Not So) Great Resignation

    IT is faring better than other functions; however, specific industries need to pay attention.

    Grow Your DEI Practices Into Meaningful Actions

    Good intentions are not enough.

    Remote Work Is Here – Can Your Culture Adapt?

    The Great Experiment is over. Are leaders equipped to capitalize on its promises?

    Management Skills Drive Success in a Remote World

    Despite the need for remote team management training, it is still not happening.

    The report is based on data gathered from Info-Tech Research Group’s 2022 IT Talent Trends Survey. The data was gathered in September and October of 2021.

    Strategic Recruiting Finds Good Talent

    Trend 1 | The Battle to Find and Keep Talent

    As the economy has stabilized, more jobs have become available, creating a job seeker’s market. This is a clear sign of confidence in the economy, however fragile, as new waves of the pandemic continue.

    Info-Tech Point of View

    Recruiting tactics are an outcome of a well-defined candidate experience and employee value proposition.

    Introduction

    Cross-section of a plant and its roots, above and below ground. During our interviews, members that focused on sharing their culture with a strong employee value proposition were more likely to be successful in hiring their first-choice candidates.
    Questions to ask yourself
    • Do you have a well-articulated employee value proposition?
    • Are you using your job postings to market your company culture?
    • Have you explored multiple channels for posting jobs to increase your talent pool of candidates?

    47% of respondents are hiring external talent to fill existing gaps, with 40% using external training programs to upgrade current employees. (Info-Tech IT Talent Trends 2022 Survey)

    In October, the available jobs (in the USA) unexpectedly rose to 11 million, higher than the 10.4 million experts predicted. (CNN Business, 2021)

    Where has all the talent gone?

    IT faces multiple challenges when recruiting for specialized talent

    Talent scarcity is focused in areas with specialized skill sets such as security and architecture that are dynamic and evolving faster than other skill sets.

    “It depends on what field you work in,” said ADP chief economist Nela Richardson. “There were labor shortages in those fields pre-pandemic and two years forward, there is even more demand for people with those skills” (CNBC, 19 Nov. 2021).

    37% of IT departments are outsourcing roles to fill internal skill shortages. (Info-Tech Talent Trends 2022 Survey)

    Roles Difficult to Fill

    Horizontal bar chart measuring percentage of survey responses about which roles are most difficult to fill. In order from most difficult to least they are 'Security (n=177)', 'Enterprise Architecture (n=172)', 'Senior Leadership (n=169)', 'Data & Business Intelligence (n=171)', 'Applications Development (n=177)', 'Infrastructure & Operations (n=181)', 'Business Relationship Management (n=149)', 'Project Management (n=175)', 'Vendor Management (n=133)', 'Service Desk (n=184)'.(Info-Tech Talent Trends 2022 Survey)

    Case Study: Using culture to drive your talent pool

    This case study is happening in real time. Please check back to learn more as Goddard continues to recruit for the position.

    Recruiting at NASA

    Goddard Space Center is the largest of NASA’s space centers with approximately 11,000 employees. It is currently recruiting for a senior technical role for commercial launches. The position requires consulting and working with external partners and vendors.

    NASA is a highly desirable employer due to its strong culture of inclusivity, belonging, teamwork, learning, and growth. Its culture is anchored by a compelling vision, “For the betterment of Humankind,” and amplified by a strong leadership team that actively lives their mission and vision daily.

    Firsthand lists NASA as #1 on the 50 most prestigious internships for 2022.

    Rural location and no flexible work options add to the complexity of recruiting

    The position is in a rural area of Eastern Shore Virginia with a population of approximately 60,000 people, which translates to a small pool of candidates. Any hire from outside the area will be expected to relocate as the senior technician must be onsite to support launches twice a month. Financial relocation support is not offered and the position is a two-year assignment with the option of extension that could eventually become permanent.

    Photo of Steve Thornton, Acting Division Chief, Solutions Division, Goddard Space Flight Center, NASA.

    “Looking for a Talent Unicorn; a qualified, experienced candidate with both leadership skills and deep technical expertise that can grow and learn with emerging technologies.”

    Steve Thornton
    Acting Division Chief, Solutions Division,
    Goddard Space Flight Center, NASA

    Case Study: Using culture to drive your talent pool

    A good brand overcomes challenges

    Culture takes the lead in NASA's job postings, which attract a high number of candidates. Postings begin with a link to a short video on working at NASA, its history, and how it lives its vision. The video highlights NASA's diversity of perspectives, career development, and learning opportunities.

    NASA's company brand and employer brand are tightly intertwined, providing a consistent view of the organization.

    The employer vision is presented in the best place to reach NASA's ideal candidate: usajobs.gov, the official website of the United States Government and the “go-to” for government job listings. NASA also extends its postings to other generic job sites as well as LinkedIn and professional associations.

    Photo of Robert Leahy, Chief Information Officer, Goddard Space Flight Center, NASA.

    Interview with Robert Leahy
    Chief Information Officer
    Goddard Space Flight Center, NASA

    “Making sure we have the tools and mechanisms are two hiring challenges we are going to face in the future as how we work evolves and our work environment changes. What will we need to consider with our job announcements and the criteria for selecting employees?”

    Liteshia Dennis,
    Office Chief, Headquarter IT Office, Goddard Space Flight Center, NASA

    The ability to attract and secure candidates requires a strategy

    Despite prioritizing recruiting, IT departments see candidate experience as THE last Priority, either not focusing on it or relegating it to HR

    Candidate experience is listed as one of the bottom IT challenges, but without a positive experience, securing the talent you want will be difficult.

    Candidate experience starts with articulating your unique culture, benefits, and opportunities for development and innovative work as well as outlining flexible working options within an employer brand. Defining an employee value proposition is key to marketing your roles to potential employees.

    81% of respondents' rate culture as very important when considering a potential employer. (Info-Tech IT Talent Trends 2022 Survey)

    Tactics Used in Job Postings to Position the Organization Favorably as a Potential Employer

    Horizontal bar chart measuring percentage of survey responses about tactics used in job postings. The top tactics are 'Culture, 40%', 'Benefits, 40%', 'Opportunity for Innovative Work, 30%', and 'Professional Development, 30%'.(Info-Tech IT Talent Trends 2022 Survey)

    Case Study: Increasing talent pool at Info-Tech Research Group

    Strong sales leads to growth in operation capacity

    Info-Tech Research Group is an IT research & advisory firm helping IT leaders make strategic, timely, and well-informed decisions. Our actionable tools and analyst guidance ensure IT organizations achieve measurable results.

    The business has grown rapidly over the last couple of years, creating a need to recruit additional talent who were highly skilled in technical applications and approaches.

    In response, approval was given to expand headcount within Research for fiscal year 2022 and to establish a plan for continual expansion as revenue continues to grow.

    Looking for deep technical expertise with a passion for helping our members

    Hiring for our research department requires talent who are typically subject matter experts within their own respective IT domains and interested in and capable of developing research and advising clients through calls and workshops.

    This combination of skills, experience, and interest can be challenging to find, especially in an IT labor market that is more competitive than ever.

    Photo of Tracy-Lynn Reid, Practice Lead.

    Interview with Practice Lead Tracy-Lynn Reid

    Focus on Candidate Experience increases successful hire rate

    The senior leadership team established a project to focus on recruiting for net-new and open roles. A dedicated resource was assigned and used guidance from our research to enhance our hiring process to reduce time to hire and expand our candidate pool. Senior leaders stayed actively involved to provide feedback.

    The hiring process was improved by including panel interviews with interview protocols and a rubric to evaluate all candidates equitably.

    The initial screening conversation now includes a discussion on benefits, including remote and flexible work offerings, learning and development budget, support for post-secondary education, and our Buy-a-Book program.

    As a result, about 70% of the approved net-new headcount was hired within 12 weeks, with recruitment ongoing.

    Integrate Physical Security and Information Security

    • Buy Link or Shortcode: {j2store}383|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Security Processes & Operations
    • Parent Category Link: /security-processes-and-operations

    Physical security is often managed by facilities, not by IT security, resulting in segmented security systems. Integrating physical and information security introduces challenges in:

    • Understanding the value proposition of investment in governing and managing integrated systems, including migration costs, compared to separated security systems.
    • Addressing complex risks and vulnerabilities of an integrated security system.
    • Operationalizing enhanced capabilities created by adoption of emerging and disruptive technologies.

    Our Advice

    Critical Insight

    • Integrate security in people, process, and technology to improve your overall security posture. Having siloed systems running security is not beneficial. Many organizations are realizing the benefits of consolidating into a single platform across physical security, cybersecurity, HR, legal, and compliance.
    • Plan and engage stakeholders. Assemble the right team to ensure the success of your integrated security ecosystem, decide the governance model, and clearly define the roles and responsibilities.
    • Enhance strategy and risk management. Strategically, we want a physical security system that is interoperable with most technologies, flexible with minimal customization, functional, and integrated, despite the challenges of proprietary configurations, complex customization, and silos.

    Impact and Result

    Info-Tech's approach is a modular, incremental, and repeatable process to integrate physical and information security to:

    • Ensure the integration will meet the business' needs and determine effort and technical requirements.
    • Establish GRC processes that include integrated risk management and compliance.
    • Design and deploy an integrated security architecture.
    • Establish security metrics of effectiveness and efficiency for senior management and leadership.

    Integrate Physical Security and Information Security Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Integrate Physical Security and Information Security Storyboard – A step-by-step document that walks you through how to integrate physical security and information security.

    Info-Tech provides a three-phased framework for integrating physical security and information security: Plan, Enhance, and Monitor & Optimize.

    • Integrate Physical Security and Information Security Storyboard

    2. Integrate Physical Security and Information Security Requirements Gathering Tool – A tool to map organizational goals to IT goals, facilities goals, OT goals (if applicable), and integrated security goals.

    This tool serves as a repository for information about security integration elements, compliance, and other factors that will influence your integration of physical security and information security.

    • Integrate Physical Security and Information Security Requirements Gathering Tool

    3. Integrate Physical Security and Information Security RACI Chart Tool – A tool to identify and understand the owners of various security integration stakeholders across the organization.

    Populating a RACI chart (Responsible, Accountable, Consulted, and Informed) is a critical step that will assist you in organizing roles for carrying out integration steps. Complete this tool to assign tasks to suitable roles.

    • Integrate Physical Security and Information Security RACI Chart Tool

    4. Integrate Physical Security and Information Security Communication Deck – A tool to present your findings in a prepopulated document that summarizes the work you have completed.

    Complete this template to effectively communicate your integrated security plan to stakeholders.

    • Integrate Physical Security and Information Security Communication Deck
    [infographic]

    Further reading

    Integrate Physical Security and Information Security

    Securing information security, physical security, or personnel security in silos may not secure much

    Analyst Perspective

    Ensure integrated security success with close and continual collaboration

    From physical access control systems (PACS) such as electronic locks and fingerprint biometrics to video surveillance systems (VSS) such as IP cameras to perimeter intrusion detection and prevention to fire and life safety and beyond: physical security systems pose unique challenges to overall security. Additionally, digital transformation of physical security to the cloud and the convergence of operational technology (OT), internet of things (IoT), and industrial IoT (IIoT) increase both the volume and frequency of security threats.

    These threats can be safety, such as the health impact when a gunfire attack downed wastewater pumps at Duke Energy Substation, North Carolina, US, in 2022. The threats can also be economic, such as theft of copper wire, or they can be reliability, such as when a sniper attack on Pacific Gas & Electric’s Metcalf Substation in California, US, damaged 17 out of 21 power transformers in 2013.

    Considering the security risks organizations face, many are unifying physical, cyber, and information security systems to gain the long-term overall benefits a consolidated security strategy provides.

    Ida Siahaan
    Ida Siahaan

    Research Director, Security and Privacy Practice
    Info-Tech Research Group

    Executive Summary

    Your Challenge

    Physical security is often managed by facilities, not by IT security, resulting in segmented security systems. Meanwhile, integrating physical and information security introduces challenges in:

    • Value proposition of investment in governing and managing integrated systems including the migration costs compared to separated security systems.
    • Addressing complex risks and vulnerabilities of an integrated security system.
    • Operationalizing on enhanced capabilities created by adoption of emerging and disruptive technologies.

    Common Obstacles

    Physical security systems integration is complex due to various components such as proprietary devices and protocols and hybrid systems of analog and digital technology. Thus, open architecture with comprehensive planning and design is important.

    However, territorial protection by existing IT and physical security managers may limit security visibility and hinder security integration.

    Additionally, integration poses challenges in staffing, training and awareness programs, and dependency on third-party technologies and their migration plans.

    Info-Tech's Approach

    Info-Tech’s approach is a modular, incremental, and repeatable process to integrate physical and information security that enables organizations to:

    • Determine effort and technical requirements to ensure the integration will meet the business needs.
    • Establish GRC processes including integrated risk management and compliance.
    • Design and deploy integrated security architecture.
    • Establish metrics to monitor the effectiveness and efficiency of the security program.

    Info-Tech Insight

    An integrated security architecture, including people, process, and technology, will improve your overall security posture. These benefits are leading many organizations to consolidate their siloed systems into a single platform across physical security, cybersecurity, HR, legal, and compliance.

    Existing information security models are not comprehensive

    Current security models do not cover all areas of security, especially if physical systems and personnel are involved and safety is also an important property required.

    • The CIA triad (confidentiality, integrity, availability) is a well-known information security model that focuses on technical policies related to technology for protecting information assets.
    • The US Government’s Five Pillars of Information Assurance includes CIA, authentication, and non-repudiation, but it does not cover people and processes comprehensively.
    • The AAA model, created by the American Accounting Association, has properties of authentication, authorization, and accounting but focuses only on access control.
    • Donn Parker expanded the CIA model with three more properties: possession, authenticity, and utility. This model, which includes people and processes, is known as the Parkerian hexad. However, it does not cover physical and personnel security.

    CIA Triad

    The CIA Triad for Information Security: Confidentiality, Integrity, Availability


    Parkerian Hexad

    The Parkerian Hexad for Security: Confidentiality, Possession, Utility, Availability, Authenticity and Integrity

    Sources: Parker, 1998; Pender-Bey, 2012; Cherdantseva and Hilton, 2015

    Adopt an integrated security model

    Adopt an integrated security model which consists of information security, physical security, personnel security, and organizational security.

    The security ecosystem is shifting from segregation to integration

    Security ecosystem is shifting from the past proprietary model to open interfaces and future open architecture

    Sources: Cisco, n.d.; Preparing for Technology Convergence in Manufacturing, Info-Tech Research Group, 2018

    Physical security includes:

    • Securing physical access,
      e.g. facility access control, alarms, surveillance cameras
    • Securing physical operations
      (operational technology – OT), e.g. programmable logic controllers (PLCs), SCADA

    Info-Tech Insight

    Why is integrating physical and information security gaining more and more traction? Because the supporting technologies are becoming more matured. This includes, for example, migration of physical security devices to IP-based network and open architecture.

    Reactive responses to physical security incidents

    April 1995

    Target: Alfred P. Murrah Federal Building, Oklahoma, US. Method: Bombing. Impact: Destroyed structure of 17 federal agencies, 168 casualties, over 800 injuries. Result: Creation of Interagency Security Committee (ISC) in Executive Order 12977 and “Vulnerability Assessment of Federal Facilities” standard.
    (Source: Office of Research Services, 2017)

    April 2013

    Target: Pacific Gas & Electric’s Metcalf Substation, California, US. Method: Sniper attack. Impact: Out of 21 power transformers, 17 were damaged. Result: Creation of Senate Bill No. 699 and NERC- CIP-014 standard.
    (Source: T&D World, 2023)

    Sep. 2022

    Target: Nord Stream gas pipelines connecting Russia to Germany, Baltic sea. Method: Detonations. Impact: Methane leaks (~300,000 tons) at four exclusive economic zones (two in Denmark and two in Sweden). Result: Sweden’s Security Service investigation.
    (Source: CNBC News, 2022)

    Dec. 2022

    Target: Duke Energy Substation, North Carolina, US. Method: Gunfire. Impact: Power outages of ~40,000 customers and wastewater pumps in sewer lift stations down. Result: State of emergency was declared.
    (Source: CBS News, 2022)

    Info-Tech Insight

    When it comes to physical security, we have been mostly reactive. Typically the pattern starts with physical attacks. Next, the impacted organization mitigates the incidents. Finally, new government regulatory measures or private sector or professional association standards are put in place. We must strive to change our pattern to become more proactive.

    Physical security market forecast and top physical security challenges

    Physical security market forecast
    (in billions USD)

    A forecast by MarketsandMarkets projected growth in the physical security market, using historical data from 2015 until 2019, with a CAGR of 6.4% globally and 5.2% in North America.

    A forecast by MarketsandMarkets projected growth in the physical security market, using historical data from 2015 until 2019, with a CAGR of 6.4% globally and 5.2% in North America.

    Source: MarketsandMarkets, 2022

    Top physical security challenges

    An Ontic survey (N=359) found that threat data management (40%) was the top physical security challenge in 2022, up from 33% in 2021, followed by physical security threats to the C-suite and company leadership (35%), which was a slight increase from 2021. An interesting decrease is data protection and privacy (32%), which dropped from 36% in 2021.

    An Ontic survey (N=359) found that threat data management (40%) was the top physical security challenge in 2022, up from 33% in 2021, followed by physical security threats to the C-suite and company leadership (35%), which was a slight increase from 2021. An interesting decrease is data protection and privacy (32%), which dropped from 36% in 2021.

    Source: Ontic Center for Protective Intelligence, 2022

    Info-Tech Insight

    The physical security market is growing in systems and services, especially the integration of threat data management with cybersecurity.

    Top physical security initiatives and operations integration investments

    We know the physical security challenges and how the physical security market is growing, but what initiatives are driving this growth? These are the top physical security initiatives and top investments for physical security operations integration:

    Top physical security initiatives

    The number one physical security initiative is integrating physical security systems. Other initiatives with similar concerns included data and cross-functional integration

    A survey by Brivo asked 700 security professionals about their top physical security initiatives. The number one initiative is integrating physical security systems. Other initiatives with similar concerns included data and cross-functional integration.

    Source: Brivo, 2022

    Top investments for physical security operations integration

    The number one investment is on access control systems with software to identify physical threat actors. Another area with similar concern is integration of digital physical security with cybersecurity.

    An Ontic survey (N=359) on areas of investment for physical security operations integration shows the number one investment is on access control systems with software to identify physical threat actors. Another area with similar concern is integration of digital physical security with cybersecurity.

    Source: Ontic Center for Protective Intelligence, 2022

    Evaluate security integration opportunities with these guiding principles

    Opportunity focus

    • Identify the security integration problems to solve with visible improvement possibilities
    • Don’t choose technology for technology’s sake
    • Keep an eye to the future
    • Use strategic foresight

    Piece by piece

    • Avoid taking a big bang approach
    • Test technologies in multiple conditions
    • Run inexpensive pilots
    • Increase flexibility
    • Build a technology ecosystem

    Buy-in

    • Collaborate with stakeholders
    • Gain and sustain support
    • Maintain transparency
    • Increase uptake of open architecture

    Key Recommendations:

    Focus on your master plan

    Build a technology ecosystem

    Engage stakeholders

    Info-Tech Insight

    When looking for a quick win, consider learning the best internal or external practice. For example, in 1994 IBM reorganized its security operation by bringing security professionals and non-security professionals in one single structure, which reduced costs by approximately 30% in two years.

    Sources: Create and Implement an IoT Strategy, Info-Tech Research Group, 2022; Baker and Benny, 2013; Erich Krueger, Omaha Public Power District (contributor); Doery Abdou, March Networks Corporate (contributor)

    Case Study

    4Wall Entertainment – Asset Owner

    Industry: Architecture & Engineering
    Source: Interview

    4Wall Entertainment is quite mature in integrating its physical and information security; physical security has always been under IT as a core competency.

    4Wall Entertainment is a provider of entertainment lighting and equipment to event venues, production companies, lighting designers, and others, with a presence in 18 US and UK locations.

    After many acquisitions, 4Wall Entertainment needed to standardize its various acquired systems, including physical security systems such as access control. In its integrated security approach, IT owns the integrated security, but they interface with related entities such as HR, finance, and facilities management in every location. This allows them to obtain information such as holidays, office hours, and what doors need to be accessed as inputs to the security system and to get sponsorship in budgeting.

    In the past, 4Wall Entertainment tried delegating specific physical security to other divisions, such as facilities management and HR. This approach was unsuccessful, so IT took back the responsibility and accountability.

    Currently, 4Wall Entertainment works with local vendors, and its biggest challenge is finding third-party vendors that can provide nationwide support.

    In the future, 4Wall Entertainment envisions physical security modernization such as camera systems that allow more network accessibility, with one central system to manage and IoT device integration with SIEM and MDR.

    Results

    Lessons learned in integrating security from 4Wall Entertainment include:

    • Start with forming relationships with related divisions such as HR, finance, and facilities management to build trust and encourage sponsorship across management.
    • Create policies, procedures, and standards to deploy in various systems, especially when acquiring companies with low maturity in security.
    • Select third-party providers that offer the required functionalities, good customer support, and standard systems interoperability.
    • Close skill gaps by developing training and awareness programs for users, especially for newly acquired systems and legacy systems, or by acquiring expertise from consulting services.
    • Complete cost-benefit analysis for solutions on legacy systems to determine whether to keep them and create interfacing with other systems, upgrade them, or replace them entirely with newer systems.
    • Delegate maintenance of specific highly regulated systems, such as fire alarms and water sprinklers, to facilities management.
    Integration of Physical and Information Security Framework. Inputs: Integrated Items, Stakeholders, and Security Components. Phases, Outcomes and Benefits: Plan, Enhance and Monitor & Optimize.

    Tracking progress of physical and information security integration

    Physical security is often part of facilities management. As a result, there are interdependencies with both internal departments (such as IT, information security, and facilities) and external parties (such as third-party vendors). IT leaders, security leaders, and operational leaders should keep the big picture in mind when designing and implementing integration of physical and information security. Use this checklist as a tool to track your security integration journey.

    Plan

    • Engage stakeholders and justify value for the business.
    • Define roles and responsibilities.
    • Establish/update governance for integrated security.
    • Identify integrated elements and compliance obligations.

    Enhance

    • Determine the level of security maturity and update security strategy for integrated security.
    • Assess and treat risks of integrated security.
    • Establish/update integrated physical and information security policies and procedures.
    • Update incident response, disaster recovery, and business continuity plan.

    Monitor & Optimize

    • Identify skill requirements and close skill gaps for integrating physical and information security.
    • Design and deploy integrated security architecture and controls.
    • Establish, monitor, and report integrated security metrics on effectiveness and efficiency.

    Benefits of the security integration framework

    Today’s matured technology makes security integration possible. However, the governance and management of single integrated security presents challenges. These can be overcome using a multi-phased framework that enables a modular, incremental, and repeatable integration process, starting with planning to justify the value of investment, then enhancing the integrated security based on risks and open architecture. This is followed by using metrics for monitoring and optimization.

    1. Modular

      • Implementing a consolidated security strategy is complex and involves the integration of process, software, data, hardware, and network and infrastructure.
      • A modular framework will help to drive value while putting in appropriate guardrails.
    2. Incremental

      • Integration of physical security and information security involves many components such as security strategy, risk management, and security policies.
      • An incremental framework will help track, manage, and maintain each step while providing appropriate structure.
    3. Repeatable

      • Integration of physical security and information security is a journey that can be approached with a pilot program to evaluate effectiveness.
      • A repeatable framework will help to ensure quick time to value and enable immediate implementation of controls to meet operational and security requirements.

    Potential risks of the security integration framework

    Just as medicine often comes with side effects, our Integration of Physical and Information Security Framework may introduce risks too. However, as John F. Kennedy, thirty-fifth president of the United States, once said, "There are risks and costs to a program of action — but they are far less than the long-range cost of comfortable inaction."

    Plan Phase

    • Lack of transparency in the integration process can lead to lack of trust among stakeholders.
    • Lack of support from leadership results in unclear governance or lack of budget or human resources.
    • Key stakeholders leave the organization during the engagement and their replacements do not understand the organization’s operation yet.

    Enhance Phase

    • The risk assessment conducted focuses too much on IT risk, which may not always be applicable to physical security systems nor OT systems.
    • The integrated security does not comply with policies and regulations.

    Monitor and Optimize Phase

    • Lack of knowledge, training, and awareness.
    • Different testing versus production environments.
    • Lack of collected or shared security metrics.

    Data

    • Data quality issues and inadequate data from physical security, information security, and other systems, e.g. OT, IoT.
    • Too much data from too many tools are complex and time consuming to process.

    Develop an integration of information security, physical security, and personnel security that meets your organization’s needs

    Integrate security in people, process, and technology to improve your overall security posture

    Having siloed systems running security is not beneficial. Many organizations are realizing the benefits of consolidating into a single platform across physical security, cybersecurity, HR, legal, and compliance.

    Plan and engage stakeholders

    Assemble the right team to ensure the success of your integrated security ecosystem, decide the governance model, and clearly define the roles and responsibilities.

    Enhance strategy and risk management

    Strategically, we want a physical security system that is interoperable with most technologies, flexible with minimal customization, functional, and integrated, despite the challenges of proprietary configurations, complex customization, and silos.

    Monitor and optimize

    Find the most optimized architecture that is strategic, realistic, and based on risk. Next, perform an evaluation of the security systems and program by understanding what, where, when, and how to measure and to report the relevant metrics.

    Focus on master plan

    Identify the security integration problems to solve with visible improvement possibilities, and don’t choose technology for technology’s sake. Design first, then conduct market research by comparing products or services from vendors or manufacturers.

    Build a technology ecosystem

    Avoid a big bang approach and test technologies in multiple conditions. Run inexpensive pilots and increase flexibility to build a technology ecosystem.

    Deliverables

    Each step of this framework is accompanied by supporting deliverables to help you accomplish your goals:

    Integrate Physical Security and Information Security Requirements Gathering Tool

    Map organizational goals to IT goals, facilities goals, OT goals (if applicable), and integrated security goals. Identify your security integration elements and compliance.

    Integrate Physical Security and Information Security RACI Chart Tool

    Identify various security integration stakeholders across the organization and assign tasks to suitable roles.

    Key deliverable:

    Integrate Physical Security and Information Security Communication Deck

    Present your findings in a prepopulated document that summarizes the work you have completed.

    Plan

    Planning is foundational to engage stakeholders. Start with justifying the value of investment, then define roles and responsibilities, update governance, and finally identify integrated elements and compliance obligations.

    Plan

    Engage stakeholders

    • To initiate communication between the physical and information security teams and other related divisions, it is important to identify the entities that would be affected by the security integration and involve them in the process to gain support from planning to delivery and maintenance.
    • Possible stakeholders:
      • Executive leadership, Facilities Management leader and team, IT leader, Security & Privacy leader, compliance officer, Legal, Risk Management, HR, Finance, OT leader (if applicable)
    • A successful security integration depends on aligning your security integration initiatives and migration plan to the organization’s objectives by engaging the right people to communicate and collaborate.

    Info-Tech Insight

    It is important to speak the same language. Physical security concerns safety and availability, while information security concerns confidentiality and integrity. Thus, the two systems have different goals and require alignment.

    Similarly, taxonomy of terminologies needs to be managed,1 e.g. facility management with an emergency management background may have a different understanding from a CISO with an information security background when discussing the same term. For example:

    In emergency management prevention means “actions taken to eliminate the impact of disasters in order to protect lives, property and the environment, and to avoid economic disruption.”2

    In information security prevention is “preventing the threats by understanding the threat environment and the attack surfaces, the risks, the assets, and by maintaining a secure system.”3

    Sources: 1 Owen Yardley, Omaha Public Power District (contributor); 2 Translation Bureau, Government of Canada, n.d.; 3 Security Intelligence, 2020


    Map organizational goals to integrated security goals

    Input

    • Corporate, IT, and Facilities strategies

    Output

    • Your goals for the integrated security strategy

    Materials

    • Integrate Physical Security and Information Security Requirements Gathering Tool

    Participants

    • Executive leadership
    • Facilities Management leader and team
    • IT leader
    • Security & Privacy leader
    • Compliance officer
    • Legal
    • Risk Management
    • HR & Finance
    • OT leader (if applicable)
    1. As a group, brainstorm organization goals.
      • Review relevant corporate, IT, and facilities strategies.
    2. Record the most important business goals in the “Goals Cascade” tab of the Integrate Physical Security and Information Security Requirements Gathering Tool. Try to limit the number of business goals to no more than ten goals. This limitation will be critical to helping focus on your integrated security goals.
    3. For each goal, identify one to two security alignment goals. These should be objectives for the security strategy that will support the identified organization goals.

    Download the Integrate Physical Security and Information Security Requirements Gathering Tool.

    Record organizational goals

    A table to identify Organization, IT, OT(if applicable), Facilities, and Security Goals Definitions.

    Refer to the Integration of Physical and Information Security Framework when filling in the table.

    1. Record your identified organizational goals in the “Goals Cascade” tab of the Integrate Physical Security and Information Security Requirements Gathering Tool.
    2. For each organizational goal, identify IT alignment goals.
    3. For each organizational goal, identify OT alignment goals (if applicable).
    4. For each organizational goal, identify Facilities alignment goals.
    5. For each organizational goal, select an integrated security goal from the drop-down menu.

    Justify value for the business

    Facilities in most cases have a team that is responsible for physical security installations such as access key controllers. Whenever there is an issue, they contact the provider to fix the error. However, with smart buildings and smart devices, the threat surface grows to include information security threats, and Facilities may not possess the knowledge and skills required to deal with them. At the same time, delegating physical security to IT may add more tasks to their already-too-long list of responsibilities. Consolidating security to a focused security team that covers both physical and information security can help.1 We need to develop the security integration business case beyond physical security "gates, guns, and guards" mentality.2

    An example of a cost-benefit analysis for security integration:

    Benefits

    Metrics

    Operational Efficiency and Cost Savings

    • Reduction in deployment, maintenance, and staff time in manual operations of physical security devices such as logs collection from analog cameras to be automated into digital.
    • Reduction in staffing costs by bringing physical security SOC and information security SOC in one single structure.

    Reliability Improvements

    • Reduction in field crew time by identifying hardware that can be virtualized to have a centralized remote control.
    • Improvement of operating reliability through continuous and real-time monitoring of equipment such as door access control systems and camera surveillance systems.

    Customers & Users Benefits

    • Improvement of customer safety for essential services such as access to critical locations only by authorized personnel.
    • Improvement of reliability of services and address human factor in adoption of change by introducing change as a friendly activity.

    Cost

    Metrics

    Equipment and Infrastructure

    • Upgrade of existing physical security equipment, e.g. replacement of separated access control, video management system (VMS), and physical access control system (PACS) with a unified security platform.
    • Implementation of communication network equipment and labor to install, configure, and maintain the new network component.

    Software and Commission

    • The software and maintenance fee as well as upgrade implementation project cost.
    • Labor cost of field commissioning and troubleshooting.
    • Integration with security systems, e.g. event and log management, continuous monitoring, and investigation.

    Support and Resources

    • Cost to hire/outsource security FTEs for ongoing management and operation of security devices, e.g. SOC, MSSP.
    • Cost to hire/outsource FTEs to analyze, design, and deploy the integrated security architecture, e.g. consulting fee.

    Sources: 1 Andrew Amaro, KLAVAN Security Services (contributor); 2 Baker and Benny, 2013;
    Industrial Control System Modernization, Info-Tech Research Group, 2023; Lawrence Berkeley National Laboratory, 2021

    Plan

    Define roles and responsibilities

    Input

    • List of relevant stakeholders

    Output

    • Roles and responsibilities for the integration of physical and information security program

    Materials

    • Integrate Physical Security and Information Security RACI Chart Tool

    Participants

    • Executive leadership
    • Facilities Management leader and team
    • HR & Finance
    • IT leader and team
    • OT leader and team
    • Security & Privacy leader and team

    Many factors impact an organization’s level of effectiveness as it relates to integration of physical and information security. How the team interacts, what skill sets exist, the level of clarity around roles and responsibilities, and the degree of executive support and alignment are only a few. Thus, we need to identify stakeholders that are:

    • Responsible: The person(s) who does the work to accomplish the activity; they have been tasked with completing the activity and/or getting a decision made.
    • Accountable: The person(s) who is accountable for the completion of the activity. Ideally, this is a single person and is often an executive or program sponsor.
    • Consulted: The person(s) who provides information. This is usually several people, typically called subject matter experts (SMEs).
    • Informed: The person(s) who is updated on progress. These are resources that are affected by the outcome of the activities and need to be kept up to date.

    Download the Integrate Physical Security and Information Security RACI Chart Tool

    Define RACI chart

    Define Responsible, Accountable, Consulted, Informed (RACI) stakeholders.

    1. Customize the Work Units to best reflect your operation with applicable stakeholders.
    2. Customize the Action rows as required.

    Integrate Physical Security and Information Security RACI Chart

    Sources: ISC, 2015; ISC, 2021

    Info-Tech Insight

    The roles and responsibilities should be clearly defined. For example, IT Security should be responsible for the installation and configuration of all physical access controllers and devices, and facility managers should be responsible for the physical maintenance including malfunctioning such as access device jammed or physically broken.

    Plan

    Establish/update governance for integrated security

    HR & Finance

    HR provides information such as new hires and office hours as input to the security system. Finance assists in budgeting.

    Security & Privacy

    The security and privacy team will need to evaluate solutions and enforce standards on various physical and information security systems and to protect data privacy.

    Business Leaders

    Business stakeholders will provide clarity for their strategy and provide input into how they envision security furthering those goals.

    IT Executives

    IT stakeholders will be a driving force, ensuring all necessary resources are available and funded.

    Facilities/ Operations

    Operational plans will include asset management, monitoring, and support to meet functional goals and manage throughout the asset lifecycle.

    Infrastructure & Enterprise Architects

    Each solution added to the environment will need to be chosen and architected to meet business goals and security functions.

    Info-Tech Insight

    Assemble the right team to ensure the success of your integrated security ecosystem and decide the governance model, e.g. security steering committee (SSC) or a centralized single structure.

    Adapted from Create and Implement an IoT Strategy, Info-Tech Research Group, 2022

    What does the SSC do?

    Ensuring proper governance over your security program is a complex task that requires ongoing care and feeding from executive management to succeed.

    Your SSC should aim to provide the following core governance functions for your security program:

    1. Define Clarity of Intent and Direction

      How does the organization’s security strategy support the attainment of the business, IT, facilities management, and physical and information security strategies? The SSC should clearly define and communicate strategic linkage and provide direction for aligning security initiatives with desired outcomes.
    2. Establish Clear Lines of Authority

      Security programs contain many important elements that need to be coordinated. There must be clear and unambiguous authority, accountability, and responsibility defined for each element so lines of reporting/escalation are clear and conflicting objectives can be mediated.
    3. Provide Unbiased Oversight

      The SSC should vet the organization’s systematic monitoring processes to ensure there is adherence to defined risk tolerance levels and that monitoring is appropriately independent from the personnel responsible for implementing and managing the security program.
    4. Optimize Security Value Delivery

      Optimized value delivery occurs when strategic objectives for security are achieved and the organization’s acceptable risk posture is attained at the lowest possible cost. This requires constant attention to ensure controls are commensurate with any changes in risk level or appetite.

    Adapted from Improve Security Governance With a Security Steering Committee , Info-Tech Research Group, 2018

    Plan

    Identify integrated elements and compliance obligations

    To determine what elements need to be integrated, it’s important to scope the security integration program and to identify the consequences of integration for compliance obligations.

    INTEGRATED ELEMENTS

    What are my concerns?

    Process integrations

    Determine which processes need to be integrated and how

    • Examples: Security prevention, detection, and response; risk assessment

    Software and data integration

    Determine which software and data need to be integrated and how

    • Examples: Threat management tools, SIEM, IDPS, security event logs

    Hardware integration

    Determine which hardware needs to be integrated and how

    • Examples: Sensors, alarms, cameras, keys, locks, combinations, and card readers

    Network and infrastructure

    Determine which network and infrastructure components need to be integrated and how

    • Example: Network segmentation for physical access controllers.

    COMPLIANCE

    How can I address my concerns?

    Regulations

    Adhere to mandatory laws, directives, industry standards, specific contractual obligations, etc.

    • Examples: NERC CIP (North American Utilities), Network and Information Security (NIS) Directive (EU), Health and Safety at Work etc Act 1974 (UK), Occupational Safety and Health Act, 1970 (US), Emergency Management Act, 2007 (Canada)

    Standards

    Adhere to voluntary standards and obligations

    • Examples: NIST Cybersecurity Framework (CSF), The Risk Management Process for Federal Facilities: An Interagency Security Committee Standard (US), Cybersecurity Maturity Model Certification (CMMC), Service Organization Control (SOC 1 and 2)

    Guidelines

    Adopt guidelines that can improve the integrated security program

    • Examples: Best Practices for Planning and Managing Physical Security Resources (US Interagency Security Committee), Information Security Manual - Guidelines for Physical Security (Australian Cyber Security Centre), 1402-2021-Guide for Physical Security of Electric Power Substations (IEEE)

    Record integrated elements

    Scope and Boundaries from the Integrate Physical Security and Information Security Requirements Gathering Tool.

    Refer to the “Scope” tab of the Integrate Physical Security and Information Security Requirements Gathering Tool when filling in the following elements.

    1. Record your integrated elements, i.e. process integration, software and data integration, hardware integration, network and infrastructure, and physical scope of your security integration, in the “Scope” tab of the Integrate Physical Security and Information Security Requirements Gathering Tool.
    2. For each of your scoping give the rationale for including them in the Comments column. Careful attention should be paid to any elements that are not in scope.

    Record your compliance obligations

    Refer to the “Compliance Obligations” tab of the Integrate Physical Security and Information Security Requirements Gathering Tool.

    1. Identify your compliance obligations. These can include both mandatory and voluntary obligations. Mandatory obligations include:
      • Laws
      • Government regulations
      • Industry standards
      • Contractual agreements
      Voluntary obligations include standards that the organization has chosen to follow for best practices and any obligations that are required to maintain certifications. Organizations will have many different compliance obligations. For the purposes of your integrated security, include those that include physical security requirements.
    2. Record your compliance obligations, along with any notes, in your copy of the Integrate Physical Security and Information Security Requirements Gathering Tool.
    3. Refer to the “Compliance DB” tab for lists of standards/regulations/ guidelines.
    The “Compliance Obligations” tab of the Integrate Physical Security and Information Security Requirements Gathering Tool.

    Remediate third-party compliance gaps

    If you have third-party compliance gaps, there are four primary ways to eliminate them:

    1. Find a New, Compliant Partner

      Terminate existing contract and find another organization to partner with.
    2. Bring the Capability In-House

      Expense permitting, this may be the best way to protect yourself.
    3. Demand Compliance

      Tell the third party they must become compliant. Make sure you set a deadline.
    4. Accept Noncompliance and Assume the Risk

      Sometimes remediation just isn’t cost effective and you have no choice.

    Follow Contracting Best Practices to Mitigate the Risk of Future Third-Party Compliance Gaps

    1. Perform Initial Due Diligence: Request proof of third-party compliance prior to entering into a contract.
    2. Perform Ongoing Due Diligence: Request proof of third-party contractor compliance annually.
    3. Contract Negotiation: Insert clauses requesting periodic assertions of compliance.

    View a sample contract provided by the US Department of Health and Human Services.

    Source: Take Control of Compliance Improvement to Conquer Every Audit, Info-Tech Research Group, 2015

    Pitfalls to avoid when planning security integration

    • No Resources Lineups

      Integration of security needs support from leadership, proper planning, and clear and consistent communication across the organization.
    • Not Addressing Holistic Security

      Create policies and procedures and follow standards that are holistic and based on threats and risks, e.g. consolidated access control policies.
    • Lack of Governance

      While the IT department is a critical partner in cybersecurity, the ownership of such a role sits squarely in the organizational C-suite, with regular reporting to the board of directors (if applicable).
    • Overlooking Business Continuity Effort

      IT and physical security are integral to business continuity and disaster recovery strategies.
    • Not Having Relevant Training and Awareness

      Provide a training and awareness program based on relevant attack vectors. Trained employees are key assets to the development of a safe and secure environment. They must form the base of your security culture.
    • Overbuilding or Underbuilding

      Select third-party providers that offer systems interoperability with other security tools. The intent is to promote a unified approach to security to avoid a cumbersome tooling zoo.

    Sources: Real Time Networks, 2022; Andrew Amaro, KLAVAN Security Services (contributor)

    Enhance

    Enhancing is the development of an integrated security strategy, policies, procedures, BCP, DR, and IR based on the organization’s risks.

    Enhance

    Determine the level of security maturity and update the security strategy

    • Before updating your security strategies, you need to understand the organization’s business strategies, IT strategies, facilities strategies, and physical and information security strategies. The goal is to align your integrated security strategies to contribute to your organization’s success.
    • The integrated security leaders need to understand the direction of the organization. For example:
      • Growth expectation
      • Expansions or mergers anticipation
      • Product or service changes
      • Regulatory requirements
    • Wise security investments depend on aligning your security initiatives to the organization’s objectives by supporting operational performance and ensuring brand protection and shareholder values.
    Integrated security strategies. Consists of an organization’s business strategies, IT strategies, facilities strategies, and physical and information security strategies.

    Sources: Amy L. Meger, Platte River Power Authority (contributor); Baker and Benny, 2013; IFSEC Global, 2023; Security Priorities 2023, Info-Tech Research Group, 2023; Build an Information Security Strategy, Info-Tech Research Group, 2020; ISC, n.d.

    Understanding security maturity

    Maturity models are very effective for determining security states. This table provides examples of general descriptions for physical and information security maturity levels.

    Determine which framework is suitable and select the description that most accurately reflects the ideal state for security in your organization.

    Level 1

    Level 2

    Level 3

    Level 4

    Level 5

    Minimum security with simple physical barriers. Low-level security to prevent and detect some unauthorized external activity. Medium security to prevent, detect, and assess most unauthorized external activity and some unauthorized internal activity. High-level security to prevent, detect, and assess most unauthorized external and internal activity. Maximum security to prevent, detect, assess, and neutralize all unauthorized external and internal activity.

    Physical security maturity level1

    Initial/Ad hoc security programs are reactive. Developing security programs can be effective at what they do but are not holistic. A defined security program is holistic, documented, and proactive. Managed security programs have robust governance and metrics processes. An optimized security program is based on strong risk management practices, including the production of key risk indicators (KRIs).

    Information security maturity level2

    Sources: 1 Fennelly, 2013; 2 Build an Information Security Strategy, Info-Tech Research Group, 2020

    Enhance

    Assess and treat integrated security risks

    The risk assessment conducted consists of analyzing existing inherent risks, existing pressure to the risks such as health and safety laws and codes of practice, new risks from the integration process, risk tolerance, and countermeasures.

    • Some organizations already integrate security into corporate security that consists of risk management, compliance, governance, information security, personnel security, and physical security. However, some organizations are still separating security components, especially physical security and information security, which limits security visibility and the organization’s ability to complete a comprehensive risks assessment.
    • Many vendors are also segregating physical security and information security solutions because their tools do well only on certain aspects. This forces organizations to combine multiple tools, creating a complex environment.
    • Additionally, risks related to people such as mental health issues must be addressed properly. The prevalence of hybrid work post-pandemic makes this aspect especially important.
    • Assess and treat risks based on the organization’s requirements, including its environments. For example, the US federal facility security organization is required to conduct risk assessments at least every five years for Level I (lowest risk) and Level II facilities and at least every three years for Level III, IV, and V (highest risk) facilities.

    Sources: EPA, n.d.; America's Water Infrastructure Act (AWIA), 2018; ISC, 2021

    “In 2022, 95% of US companies are consolidating into a single platform across physical security, cybersecurity, HR, legal and compliance.”

    Source: Ontic Center for Protective Intelligence, 2022; N=359

    Example risk levels

    The risk assessment conducted is based on a combination of physical and information security factors such as certain facilities factors. The risk level can be used to determine the baseline level of protection (LOP). Next, the baseline LOP is customized to the achievable LOP. The following is an example for federal facilities determined by Interagency Security Committee (ISC).

    Risk factor, points and score. Facility security level (FSL), level of risk, and baseline level of protection.

    Source: ISC, 2021

    Example assets

    It is important to identify the organization’s requirements, including its environments (IT, IoT, OT, facilities, etc.), and to measure and evaluate its risks and threats using an appropriate risk framework and tools with the critical step of identifying assets prior to acquiring solutions.

    Organizational requirements including its environments(IT, loT, OT, facilities, etc.)

    Info-Tech Insight

    Certain exceptions must be identified in risk assessment. Usually physical barriers such as gates and intrusion detection sensors are considered as countermeasures,1 however, under certain assessment, e.g. America's Water Infrastructure Act (AWIA),2 physical barriers are also considered assets and as such must also be assessed.

    Compromising a fingerprint scanner

    An anecdotal example of why physical security alone is not sufficient.

    Biometrics: secure access and data security.

    Image by Rawpixel.com on Freepik

    Lessons learned from using fingerprints for authentication:

    • Fingerprint scanners can be physically circumvented by making a copy an authorized user’s fingerprint with 3D printing or even by forcefully amputating an authorized user’s finger.
    • Authorized users may not be given access when the fingerprint cannot be recognized, e.g. if the finger is covered by bandage due to injury.
    • Integration with information security may help detect unauthorized access, e.g. a fingerprint being scanned in a Canadian office when the same user was scanned at a close time interval from an IP in Europe will trigger an alert of a possible incident.

    Info-Tech Insight

    In an ideal world, we want a physical security system that is interoperable with all technologies, flexible with minimal customization, functional, and integrated. In the real world, we may have physical systems with proprietary configurations that are not easily customized and siloed.

    Source: Robert Dang, Info-Tech Research Group

    Use case: Microchip implant

    Microchip implants can be used instead of physical devices such as key cards for digital identity and access management. Risks can be assessed using quantitative or qualitative approaches. In this use case a qualitative approach is applied to impact and likelihood, and a quantitative approach is applied to revenue and cost.

    Asset: Microchip implant

    Benefits

    Impact

    • Improve user satisfaction by removing the need to carry key cards, IDs, etc.
    • Improve operating reliability by reducing the likelihood of losing physical devices such as key cards.
    • Improve reliability of services through continuous and real-time connection with other systems such as payment system.

    Likelihood

    • Improve user satisfaction: High
    • Improve operating reliability: High
    • Improve reliability of services: High

    Revenue

    • Acquire new customers or retain existing customers by making daily lives easier with no need to carry key cards, IDs, etc.
    • Cost reduction in staffing of security personnel, e.g. reducing the staffing of building guards or receptionist.

    Risks

    Impact

    • Security: issues such as biohacking of wearable technology and interconnected devices.
    • Safety: issues such as infections or reactions in the body's immune system.
    • Privacy: issues such as unauthorized surveillance and tracking of activities.

    Likelihood

    • Biohacking: Medium
    • Infections: Low
    • Surveillance: High

    Cost

    • Installation costs and hardware costs.
    • Overall lifecycle cost including estimated software and maintenance costs.
    • Estimated cost of training and estimated increase in productivity.

    Sources: Business Insider, 2018; BBC News, 2022; ISC, 2015

    Enhance

    Update integrated security policies and procedures

    Global policies with local implementation

    This model works for corporate groups with a parent company. In this model, global security policies are developed by a parent company and local policies are applied to the unique business that is not supported by the parent company.

    Update of existing security policies

    This model works for organizations with sufficient resources. In this model, integrated security policies are derived from various policies. For example, physical security in smart buildings/devices (sensors, automated meters, HVAC, etc.) and OT systems (SCADA, PLCs, RTUs, etc.) introduce unique risk exposures, necessitating updates to security policies.

    Customization of information security policies

    This model works for smaller organizations with limited resources. In this model, integrated security policies are derived from information security policies. The issue is when these policies are not applicable to physical security systems or other environments, e.g. OT systems.

    Sources: Kris Krishan, Waymo (contributor); Isabelle Hertanto, Info-Tech Research Group (contributor); Physical and Environmental Security Policy Template, Info-Tech Research Group, 2022.

    Enhance

    Update BCP, DR, IR

    • Physical threats such as theft of material, vandalism, loitering, and the like are also part of business continuity threats.
    • These threats can be carried out by various means such as vehicles breaching perimeter security, bolt cutters used for cutting wire and cable, and ballistic attack.
    • Issues may occur when security operations are owned separately by physical security or information security, thus lacking consistent application of best practices.
    • To overcome this issue, organizations need to update BCP, DR, and IR holistically based on a cost-benefit analysis and the level of security maturity, which can be defined based on the suitable framework.

    Sources: IEEE, 2021; ISC, 2021

    “The best way to get management excited about a disaster plan is to burn down the building across the street.”

    Source: Dan Erwin, Security Officer, Dow Chemical Co., in Computerworld, 2022

    Optimize

    Optimizing means working to make the most effective and efficient use of resources, starting with identifying skill requirements and closing skill gaps, followed by designing and deploying integrated security architecture and controls, and finally monitoring and reporting integrated security metrics.

    Optimize

    Identify skill requirements and close skill gaps

    • The pandemic changed how people work and where they choose to work, and most people still want a hybrid work model. Our survey in July 2022 (N=516) found that 55.8% of employees have the option to work offsite 2-3 days per week, 21.0% can work offsite 1 day per week, and 17.8% can work offsite 4 days per week.
    • The investment (e.g. on infrastructure and networks) to initiate remote work was huge, and the costs didn’t end there; organizations needed to maintain the secure remote work infrastructure to facilitate the hybrid work model.
    • Moreover, roles are evolving due to convergence and modernization. These new roles require an integrative skill set. For example, the grid security and ops team might consist of an IT security specialist, a SCADA technician/engineer, and an OT/IIOT security specialist, where OT/IIOT security specialist is a new role.
    Identify skill gaps that hinder the successful execution of the hybrid work security strategy. Use the identified skill gaps to define the technical skill requirements for current and future work roles. Conduct a skills assessment on your current workforce to identify employee skill gaps. Decide whether to train (including certification), hire, contract, or outsource to close each skill gap.

    Strategic investment in internal security team

    Internal security governance and management using in-house developed tools or off-the-shelf solutions, e.g. security information and event management (SIEM).

    Security management using third parties

    Internal security management using third-party security services, e.g. managed security service providers (MSSPs).

    Outsourcing security management

    Outsourcing the entire security functions, e.g. using managed detection and response (MDR).

    Sources: Info-Tech Research Group’s Security Priorities 2023, Close the InfoSec Skills Gap, Build an IT Employee Engagement Program, and Grid Modernization

    Select the right certifications

    What are the options?

    • One issue in security certification is the complexity of relevancy in topics with respect to roles and levels.
    • The European Union Agency for Cybersecurity (ENISA) takes the approach of analyzing existing certifications of ICS/SCADA professionals' cybersecurity skills by orientation, scope, and supporting bodies that are grouped into specific certifications, relevant certifications, and safety certifications (ENISA, 2015).
    • This approach can also be applied to integrated security certifications.

    Physical security certification

    • Examples: Industrial Security Professional Certification (NCMS-ISP); Physical Security Professional (ASIS-PSP); Physical Security Certification (CDSE-PSC); ISC I-100, I-200, I-300, and I-400

    Cyber physical system security certification

    • Examples: Certified SCADA Security Architect (CSSA), EC-Council ICS/SCADA Cybersecurity Training Course

    Information security certification

    • Examples: Network and Information Security (NIS) Driving License, ISA/IEC 62443 Cybersecurity Certificate Program, GIAC Global Industrial Cyber Security Professional (GICSP)

    Safety Certifications

    • Examples: Board of Certified Safety Professionals (BCSP), European Network of Safety and Health Professional Organizations (ENSHPO)
    Table showing options for Certification orientation, scope and supporting bodies.

    Optimize

    Design and deploy integrated security architecture and controls

    • A survey by Brivo found that 38% of respondents have partly centralized security platforms, 25% have decentralized platforms, and 36% have centralized platforms (Brivo, 2022; N=700).
    • If your organization’s security program is still decentralized or partly centralized and your organization is planning to establish an integrated security program, then the recommendation is to perform a holistic risk assessment based on probability and impact assessments on threats and vulnerabilities.
    • The impacted factors, for example, are customers served, criticality of services, equipment present inside the building, personnel response time for operational recovery and the mitigation of hazards, and costs.
    • Frameworks such as Sherwood Applied Business Security Architecture (SABSA), Control Objectives for Information and Related Technologies (COBIT), and The Open Group Architecture Framework (TOGAF) can be used to build security architecture that aligns security goals with business goals.
    • Finally, analyze the security design against the design criteria.

    Sources: ISA and Honeywell Integrated Security Technology Lab, n.d.; IEEE, 2021

    “As long as organizations treat their physical and cyber domains as separate, there is little hope of securing either one.”

    Source: FedTech magazine, 2009

    Analyze architecture design

    Cloud, on-premises, or hybrid? During the pandemic, many enterprises were under tight deadlines to migrate to the cloud. Many did not refactor data and applications correctly for cloud platforms during migration, with the consequence of high cloud bills. This happened because the migrated applications cannot take advantage of on-premises capabilities such as autoscaling. Thus, in 2023, it is plausible that enterprises will bring applications and data back on-premises.

    Below is an example of a security design analysis of platform architecture. Design can be assessed using quantitative or qualitative approaches. In this example, a qualitative approach is applied using high-level advantages and disadvantages.

    Design criteria

    Cloud

    Hybrid

    On-premises

    Effort

    Consumer effort is within a range, e.g. < 60%

    Consumer effort is within a range e.g. < 80%

    100% organization

    Reliability

    High reliability

    High reliability

    Medium reliability that depends on data centers

    Cost

    High cost when data and applications are not correctly designed for cloud

    Optimized cost when data and applications are correctly designed either for cloud or native

    Medium cost when data and applications take advantage of on-prem capabilities

    Info-Tech Insight

    It is important for organizations to find the most optimized architecture to support them, for example, a hybrid architecture of cloud and on-premises based on operations and cost-effectiveness. To help design a security architecture that is strategic, realistic, and based on risk, see Info-Tech’s Identify the Components of Your Cloud Security Architecture research.

    Sources: InfoWorld, 2023; Identify the Components of Your Cloud Security Architecture , Info-Tech Research Group, 2021

    Analyze equipment design

    Below is an example case of a security design analysis of electronic security systems. Design can be assessed using quantitative or qualitative approaches. In this example a qualitative approach is applied using advantages and disadvantages.

    Surveillance design criteria

    Video camera

    Motion detector

    Theft of security system equipment

    Higher economic loss Lower economic loss

    Reliability

    Positive detection of intrusion Spurious indication and lower reliability

    Energy savings and bandwidth

    Only record when motion is detected Detect and process all movement

    Info-Tech Insight

    Once the design has been analyzed, the next step is to conduct market research to analyze the solutions landscape, e.g. to compare products or services from vendors or manufacturers.

    Sources: IEEE, 202; IEC, n.d.; IEC, 2013

    Analyze off-the-shelf solutions

    Criteria to consider when comparing solutions:

    Criteria to consider when comparing solutions: 1 - Visibility and asset management. 2 - Threat detection, mitigation and response. 3 - Risk assessment and vulnerability management. 4 - Usability, architecture, Cost.

    Visibility and Asset Management

    Passively monitoring data using various protocol layers, actively sending queries to devices, or parsing configuration files of physical security devices, OT, IoT, and IT environments on assets, processes, and connectivity paths.

    Threat Detection, Mitigation, and Response (+ Hunting)

    Automation of threat analysis (signature-based, specification-based, anomaly-based, flow-based, content-based, sandboxing) not only in IT but also in relevant environments, e.g. physical, IoT, IIoT, and OT on assets, data, network, and orchestration with threat intelligence sharing and analytics.

    Risk Assessment and Vulnerability Management

    Risk scoring approach (qualitative, quantitative) based on variables such as behavioral patterns and geolocation. Patching and vulnerability management.

    Usability, Architecture, Cost

    The user and administrative experience, multiple deployment options, extensive integration capabilities, and affordability.

    Source: Secure IT/OT Convergence, Info-Tech Research Group, 2022

    Optimize

    Establish, monitor, and report integrated security metrics

    Security metrics serve various functions in a security program.1 For example:

    • As audit requirements. For integrated security, the requirements are derived from mandatory or voluntary compliance, e.g. NERC CIP.
    • As an indicator of maturity level. For integrated security, maturity level is used to measure the state of security, e.g. C2M2, CMMC.
    • As a measurement of effectiveness and efficiency. Security metrics consist of operational metrics, financial metrics, etc.

    Safety

    Physical security interfaces with the physical world. Thus, metrics based on risks related to safety are crucial. These metrics motivate personnel by making clear why they should care about security.
    Source: EPRI, 2017

    Business Performance

    The impact of security on the business can be measured with various metrics such as operational metrics, service level agreements (SLAs), and financial metrics.
    Source: BMC, 2022

    Technology Performance

    Early detection leads to faster remediation and less damage. Metrics such as maximum tolerable downtime (MTD) and mean time to recovery (MTR) indicate system reliability.
    Source: Dark Reading, 2022

    Security Culture

    Measure the overall quality of security culture with indicators such as compliance and audit, vulnerability management, and training and awareness.

    Info-Tech Insight

    Security failure can be avoided by evaluating the security systems and program. Security evaluation requires understanding what, where, when, and how to measure and to report the relevant metrics.

    Related Info-Tech Research

    Secure IT/OT Convergence

    The previously entirely separate OT ecosystem is migrating into the IT ecosystem, primarily to improve access via connectivity and to leverage other standard IT capabilities for economic benefit.

    Hence, IT and OT need to collaborate, starting with communication to build trust and to overcome their differences and followed by negotiation on components such as governance and management, security controls on OT environments, compliance with regulations and standards, and establishing metrics for OT security.

    Preparing for Technology Convergence in Manufacturing

    Information technology (IT) and operational technology (OT) teams have a long history of misalignment and poor communication.

    Stakeholder expectations and technology convergence create the need to leave the past behind and build a culture of collaboration.

    Build an Information Security Strategy

    Info-Tech has developed a highly effective approach to building an information security strategy – an approach that has been successfully tested and refined for over seven years with hundreds of organizations.

    This unique approach includes tools for ensuring alignment with business objectives, assessing organizational risk and stakeholder expectations, enabling a comprehensive current-state assessment, prioritizing initiatives, and building a security roadmap.

    Bibliography

    "1402-2021 - IEEE Guide for Physical Security of Electric Power Substations." IEEE, 2021. Accessed 25 Jan. 2023.

    "2022 State of Protective Intelligence Report." Ontic Center for Protective Intelligence, 2022. Accessed 16 Jan. 2023.

    "8 Staggering Statistics: Physical Security Technology Adoption." Brivo, 2022. Accessed 5 Jan. 2023.

    "America's Water Infrastructure Act of 2018." The United States' Congress, 2018. Accessed 19 Jan. 2023.

    Baker, Paul and Daniel Benny. The Complete Guide to Physical Security. Auerbach Publications. 2013

    Bennett, Steve. "Physical Security Statistics 2022 - Everything You Need to Know." WebinarCare, 4 Dec. 2022. Accessed 30 Dec. 2022.

    "Best Practices for Planning and Managing Physical Security Resources: An Interagency Security Committee Guide." Interagency Security Committee (ISC), Dec. 2015. Accessed 23 Jan. 2023.

    Black, Daniel. "Improve Security Governance With a Security Steering Committee." Info-Tech Research Group, 23 Nov. 2018. Accessed 30 Jan. 2023.

    Borg, Scott. "Don't Put Up Walls Between Your Security People." FedTech Magazine, 17 Feb. 2009. Accessed 15 Dec. 2022.

    Burwash, John. “Preparing for Technology Convergence in Manufacturing.” Info-Tech Research Group, 12 Dec. 2018. Accessed 7 Dec. 2022.

    Carney, John. "Why Integrate Physical and Logical Security?" Cisco. Accessed 19 Jan. 2023.

    "Certification of Cyber Security Skills of ICS/SCADA Professionals." European Union Agency for Cybersecurity (ENISA), 2015. Accessed 27 Sep. 2022.

    Cherdantseva, Yulia and Jeremy Hilton. "Information Security and Information Assurance. The Discussion about the Meaning, Scope and Goals." Organizational, Legal, and Technological Dimensions of IS Administrator, Almeida F., Portela, I. (eds.), pp. 1204-1235. IGI Global Publishing, 2013.

    Cobb, Michael. "Physical security." TechTarget. Accessed 8 Dec. 2022.

    “Conduct a Drinking Water or Wastewater Utility Risk Assessment.” United States Environmental Protection Agency (EPA), n.d. Web.

    Conrad, Sandi. "Create and Implement an IoT Strategy." Info-Tech Research Group, 28 July 2022. Accessed 7 Dec. 2022.

    Cooksley, Mark. "The IEC 62443 Series of Standards: A Product Manufacturer's Perspective." YouTube, uploaded by Plainly Explained, 27 Apr. 2021. Accessed 26 Aug. 2022.

    "Cyber and physical security must validate their value in 2023." IFSEC Global, 12 Jan. 2023. Accessed 20 Jan. 2023.

    "Cybersecurity Evaluation Tool (CSET®)." Cybersecurity and Infrastructure Security Agency (CISA). Accessed 23 Jan. 2023.

    "Cybersecurity Maturity Model Certification (CMMC) 2.0." The United States' Department of Defense (DOD), 2021. Accessed 29 Dec. 2022.

    “Cyber Security Metrics for the Electric Sector: Volume 3.” Electric Power Research Institute (EPRI), 2017.

    Czachor, Emily. "Mass power outage in North Carolina caused by gunfire, repairs could take days." CBS News, 5 Dec. 2022. Accessed 20 Jan. 2023.

    Dang, Robert, et al. “Secure IT/OT Convergence.” Info-Tech Research Group, 9 Dec. 2022. Web.

    "Emergency Management Act (S.C. 2007, c. 15)." The Government of Canada, 2007. Accessed 19 Jan. 2023.

    "Emergency management vocabulary." Translation Bureau, Government of Canada. Accessed 19 Jan. 2023.

    Fennelly, Lawrence. Effective physical security. Butterworth-Heinemann, 2013.

    Ghaznavi-Zadeh, Rassoul. "Enterprise Security Architecture - A Top-down Approach." The Information Systems Audit and Control Association (ISACA). Accessed 25 Jan. 2023.

    "Good Practices for Security of Internet of Things." European Union Agency for Cybersecurity (ENISA), 2018. Accessed 27 Sep. 2022.

    "Health and Safety at Work etc Act 1974." The United Kingdom Parliament. Accessed 23 Jan. 2023.

    Hébert, Michel, et al. “Security Priorities 2023.” Info-Tech Research Group, 1 Feb. 2023. Web.

    "History and Initial Formation of Physical Security and the Origin of Authority." Office of Research Services (ORS), National Institutes of Health (NIH). March 3, 2017. Accessed 19 Jan. 2023.

    "IEC 62676-1-1:2013 Video surveillance systems for use in security applications - Part 1-1: System requirements - General." International Electrotechnical Commission (IEC), 2013. Accessed 9 Dec. 2022.

    "Incident Command System (ICS)." ICS Canada. Accessed 17 Jan. 2023.

    "Information Security Manual - Guidelines for Physical Security." The Australian Cyber Security Centre (ACSC), Dec. 2022. Accessed 13 Jan. 2023.

    "Integrated Physical Security Framework." Anixter. Accessed 8 Dec. 2022.

    "Integrating Risk and Security within a TOGAF® Enterprise Architecture." TOGAF 10, The Open Group. Accessed 11 Jan. 2023.

    Latham, Katherine. "The microchip implants that let you pay with your hand." BBC News, 11 Apr. 2022. Accessed 12 Jan. 2023.

    Linthicum, David. "2023 could be the year of public cloud repatriation." InfoWorld, 3 Jan. 2023. Accessed 10 Jan. 2023.

    Ma, Alexandra. "Thousands of people in Sweden are embedding microchips under their skin to replace ID cards." Business Insider, 14 May 2018. Accessed 12 Jan. 2023.

    Mendelssohn, Josh and Dana Tessler. "Take Control of Compliance Improvement to Conquer Every Audit." Info-Tech Research Group, 25 March 2015. Accessed 27 Jan. 2023.

    Meredith, Sam. "All you need to know about the Nord Stream gas leaks - and why Europe suspects 'gross sabotage'." CNBC, 11 Oct. 2022. Accessed 20 Jan. 2023.

    Nicaise, Vincent. "EU NIS2 Directive: what’s changing?" Stormshield, 20 Oct. 2022. Accessed 17 Nov. 2022.

    "NIST SP 800-53 Rev. 5 Security and Privacy Controls for Information Systems and Organizations." The National Institute of Standards and Technology (NIST), 13 Jul. 2022. Accessed 27 Jan. 2023.

    "North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) Series." NERC. Accessed 23 Jan. 2023.

    "North America Physical Security Market - Global Forecast to 2026." MarketsandMarkets, June 2021. Accessed 30 Dec. 2022.

    "NSTISSI No. 4011 National Training Standard For Information Systems Security (InfoSec) Professionals." The United States Committee on National Security Systems (CNSS), 20 Jun. 1994. Accessed 23 Jan. 2023.

    "Occupational Safety and Health Administration (OSH) Act of 1970." The United States Department of Labor. Accessed 23 Jan. 2023.

    Palter, Jay. "10 Mistakes Made in Designing a Physical Security Program." Real Time Networks, 7 Sep. 2022. Accessed 6 Jan. 2023.

    Parker, Donn. Fighting Computer Crime. John Wiley & Sons, 1998.

    Pathak, Parag. "What Is Threat Management? Common Challenges and Best Practices." Security Intelligence, 2020. Accessed 5 Jan. 2023.

    Pender-Bey, Georgie. "The Parkerian Hexad." Lewis University, 2012. Accessed 24 Jan. 2023.

    Philippou, Oliver. "2023 Trends to Watch: Physical Security Technologies." Omdia. Accessed 20 Jan. 2023.

    Phinney, Tom. "IEC 62443: Industrial Network and System Security." ISA and Honeywell Integrated Security Technology Lab. Accessed 30 Jan. 2023.

    "Physical Security Market, with COVID-19 Impact Analysis - Global Forecast to 2026." MarketsandMarkets, Jan. 2022. Accessed 30 Dec. 2022.

    "Physical Security Professional (PSP)" ASIS International. Accessed 17 Jan. 2023.

    "Physical Security Systems (PSS) Assessment Guide" The United States' Department of Energy (DOE), Dec. 2016. Accessed 23 Jan. 2023.

    "Policies, Standards, Best Practices, Guidance, and White Papers." Interagency Security Committee (ISC). Accessed 23 Jan. 2023.

    "Profiles, Add-ons and Specifications." ONVIF. Accessed 9 Dec. 2022.

    "Protective Security Policy Framework (PSPF)." The Australian Attorney-General's Department (AGD). Accessed 13 Jan. 2023.

    "Satellites detect methane plume in Nord Stream leak." The European Space Agency (ESA), 6 oct. 2022. Accessed 23 Jan. 2023.

    ""Satellites detect methane plume in Nord Stream leak." The European Space Agency (ESA), 6 oct. 2022. Accessed 23 Jan. 2023.

    Satgunananthan, Niru. "Challenges in Security Convergence?" LinkedIn, 8 Jan. 2022. Accessed 20 Dec. 2022.

    Sooknanan, Shastri and Isaac Kinsella. "Identify the Components of Your Cloud Security Architecture." Info-Tech Research Group, 12 March 2021. Accessed 26 Jan. 2023.

    "TC 79 Alarm and electronic security systems." International Electrotechnical Commission (IEC), n.d. Accessed 9 Dec. 2022.

    "The Risk Management Process for Federal Facilities: An Interagency Security Committee Standard." Interagency Security Committee (ISC), 2021. Accessed 26 Jan. 2023.

    "The Short Guide to Why Security Programs Can Fail." CyberTalk, 23 Sep. 2021. Accessed 30 Dec. 2022.

    Verton, Dan. "Companies Aim to Build Security Awareness." Computerworld, 27 Nov. 2022. Accessed 26 Jan. 2023.

    "Vulnerability Assessment of Federal Facilities." The United States' Department of Justice, 28 Jun. 1995. Accessed 19 Jan. 2023.

    "What is IEC 61508?" 61508 Association. Accessed 23 Jan. 2023.

    Wolf, Gene. "Better Include Physical Security With Cybersecurity." T&D World 5 Jan. 2023. Accessed 19 Jan. 2023.

    Wood, Kate, and Isaac Kinsella. “Build an Information Security Strategy.” Info-Tech Research Group, 9 Sept. 2020. Web.

    Woolf, Tim, et al. "Benefit-Cost Analysis for Utility-Facing Grid Modernization Investments: Trends, Challenges, and Considerations." Lawrence Berkeley National Laboratory, Feb. 2021. Accessed 15 Nov. 2022.

    "Work Health and Safety Act 2011." The Australian Government. Accessed 13 Jan. 2023.

    Wu, Jing. “Industrial Control System Modernization: Unlock the Value of Automation in Utilities.” Info-Tech Research Group, 6 April 2023. Web.

    Research Contributors and Experts

    Amy L. Meger, IGP

    Information and Cyber Governance Manager
    Platte River Power Authority

    Andrew Amaro

    Chief Security Officer (CSO) & Founder
    KLAVAN Security

    Bilson Perez

    IT Security Manager
    4Wall Entertainment

    Dan Adams

    VP of Information Technology
    4Wall Entertainment

    Doery Abdou

    Senior Manager
    March Networks Corporate

    Erich Krueger

    Manager of Security Engineering
    Omaha Public Power District

    Kris Krishan

    Head of IT
    Waymo

    Owen Yardley

    Director, Facilities Security Preparedness
    Omaha Public Power District

    Govern Office 365

    • Buy Link or Shortcode: {j2store}52|cart{/j2store}
    • member rating overall impact (scale of 10): 9.5/10 Overall Impact
    • member rating average dollars saved: $21,473 Average $ Saved
    • member rating average days saved: 21 Average Days Saved
    • Parent Category Name: End-User Computing Applications
    • Parent Category Link: /end-user-computing-applications

    Exploring the enterprise collaboration marketspace is difficult. The difficulty in finding a suitable collaboration tool is that there are many ways to collaborate, with just as many tools to match.

    Our Advice

    Critical Insight

    Map your organizational goals to the administration features available in the Office 365 console. Your governance should reflect your requirements.

    Impact and Result

    The result is a defined plan for controlling Office 365 by leveraging hard controls to align Microsoft’s toolset with your needs and creating acceptable use policies and communication plans to highlight the impact of the transition to Office 365 on the end-user population.

    Govern Office 365 Research & Tools

    Start here – read the Executive Brief

    Understand the challenges posed by governing Office 365 and the necessity of deploying proper governance.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Define your organizational goals

    Develop a list of organizational goals that will enable you to leverage the Office 365 toolset to its fullest extent while also implementing sensible governance.

    • Govern Office 365 – Phase 1: Define Your Organizational Goals

    2. Control your Office 365 environment

    Use Info-Tech's toolset to build out controls for OneDrive, SharePoint, and Teams that align with your organizational goals as they relate to governance.

    • Govern Office 365 – Phase 2: Control Your Office 365 Environment
    • Office 365 Control Map
    • Microsoft Teams Acceptable Use Policy
    • Microsoft SharePoint Online Acceptable Use Policy
    • Microsoft OneDrive Acceptable Use Policy

    3. Communicate your results

    Communicate the results of your Office 365 governance program using Info-Tech's toolset.

    • Govern Office 365 – Phase 3: Communicate Your Results
    • Office 365 Communication Plan Template

    Infographic

    Workshop: Govern Office 365

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Define Goals

    The Purpose

    Develop a plan to assess the capabilities of the Office 365 solution and select licensing for the product.

    Key Benefits Achieved

    Office 365 capability assessment (right-size licensing)

    Acceptable Use Policies

    Mapped Office 365 controls

    Activities

    1.1 Review organizational goals.

    1.2 Evaluate Office 365 capabilities.

    1.3 Conduct the Office 365 capability assessment.

    1.4 Define user groups.

    1.5 Finalize licensing.

    Outputs

    List of organizational goals

    Targeted licensing decision

    2 Build Refined Governance Priorities

    The Purpose

    Leverage the Office 365 governance framework to develop and refined governance priorities.

    Build a SharePoint acceptable use policy and define SharePoint controls.

    Key Benefits Achieved

    Refined governance priorities

    List of SharePoint controls

    SharePoint acceptable use policy

    Activities

    2.1 Explore the Office 365 Framework.

    2.2 Conduct governance priorities refinement exercise.

    2.3 Populate the Office 365 control map (SharePoint).

    2.4 Build acceptable use policy (SharePoint).

    Outputs

    Refined governance priorities

    SharePoint control map

    Sharepoint acceptable use policy

    3 Control Office 365

    The Purpose

    Implement governance priorities for OneDrive and Teams.

    Key Benefits Achieved

    Clearly defined acceptable use policies for OneDrive and Teams

    List of OneDrive and Teams controls

    Activities

    3.1 Populate the Office 365 Control Map (OneDrive).

    3.2 Build acceptable use policy (OneDrive).

    3.3 Populate the Office 365 Control Map (Teams).

    3.4 Build acceptable use policy (Teams).

    Outputs

    OneDrive controls

    OneDrive acceptable use policy

    Teams controls

    Teams acceptable use policy

    4 SOW Walkthrough

    The Purpose

    Build a plan to communicate coming changes to the productivity environment.

    Key Benefits Achieved

    Communication plan covering SharePoint, Teams, and OneDrive

    Activities

    4.1 Build SharePoint one pager.

    4.2 Build OneDrive one pager.

    4.3 Build Teams one pager.

    4.4 Finalize communication plan.

    Outputs

    SharePoint one pager

    OneDrive one pager

    Teams one pager

    Overall finalized communication plan

    5 Communicate and Implement

    The Purpose

    Finalize deliverables and plan post-workshop communications.

    Key Benefits Achieved

    Completed Office 365 governance plan

    Finalized deliverables

    Activities

    5.1 Completed in-progress deliverables from previous four days.

    5.2 Set up review time for workshop deliverables and to discuss next steps.

    5.3 Validate governance with stakeholders.

    Outputs

    Completed acceptable use policies

    Completed control map

    Completed communication plan

    Completed licensing decision

    Streamline Your Workforce During a Pandemic

    • Buy Link or Shortcode: {j2store}515|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Lead
    • Parent Category Link: /lead

    Reduced infection rates in compromised areas are providing hope that these difficult times will pass. However, organizations are facing harsh realities in real time. With significant reductions in revenue, employers are facing pressure to quickly implement cost-cutting strategies, resulting in mass layoffs of valuable employees.

    Our Advice

    Critical Insight

    Employees are an organization’s greatest asset. When faced with cost-cutting pressures, look for redeployment opportunities that use talent as a resource to get through hard times before resorting to difficult layoff decisions.

    Impact and Result

    Make the most of your workforce in this unprecedented situation by following McLean & Company’s process to initiate redeployment efforts and reduce costs. If all else fails, follow our guidance on planning for layoffs and considerations when doing so.

    Streamline Your Workforce During a Pandemic Research & Tools

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Meet with leadership

    Set a strategy with senior leadership, brainstorm underused and understaffed employee segments and departments, then determine an approach to redeployments and layoffs.

    • Streamline Your Workforce During a Pandemic Storyboard
    • Redeployment and Layoff Strategy Workbook

    2. Plan individual and department redeployment

    Collect key information, prepare and redeploy, and roll up information across the organization.

    • Short-Term Survival Segment Evaluation Tool
    • Skills Inventory for Redeployment Tool
    • Redeployment Action and Communication Plan
    • Crisis Communication Guide for HR
    • Crisis Communication Guide for Leaders
    • Leadership Crisis Communication Guide Template
    • 3i's of Engaging Management – Manager Guide
    • Feedback and Coaching Guide for Managers
    • Redeployment Communication Roll-up Template

    3. Plan individual and department layoffs

    Plan for layoffs, execute on the layoff plan, and communicate to employees.

    • Employee Departure Checklist Tool
    • 10 Communication Best Practices in the Face of Crisis
    • Termination Logistics Tool
    • Termination Costing Tool
    • COVID-19: Employee-Facing Frequently Asked Questions Template
    • COVID-19: Employee-Facing Frequently Asked Questions
    • Standard Internal Communications Plan

    4. Monitor and manage departmental effectiveness

    Monitor departmental performance, review organizational performance, and determine next steps.

    • HR Metrics Library
    • Standard HR Scorecard
    [infographic]

    Implement Your Negotiation Strategy More Effectively

    • Buy Link or Shortcode: {j2store}225|cart{/j2store}
    • member rating overall impact (scale of 10): N/A
    • member rating average dollars saved: N/A
    • member rating average days saved: N/A
    • Parent Category Name: Vendor Management
    • Parent Category Link: /vendor-management
    • Forty-eight percent of CIOs believe their budgets are inadequate.
    • CIOs and IT departments are getting more involved with negotiations to reduce costs and risk.
    • Not all negotiators are created equal, and the gap between a skilled negotiator and an average negotiator is not always easy to identify objectively.
    • Skilled negotiators are in short supply.

    Our Advice

    Critical Insight

    • Preparation is critical for the success of your negotiation, but you cannot prepare for every eventuality.
    • Communication is the heart and soul of negotiations, but what is being “said” is only part of the picture.
    • Skilled negotiators separate themselves based on skillsets, and outcomes alone may not provide an accurate assessment of a negotiator.

    Impact and Result

    Addressing and managing critical negotiation elements helps:

    • Improve negotiation skills.
    • Implement your negotiation strategy more effectively.
    • Improve negotiation results.

    Implement Your Negotiation Strategy More Effectively Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should create and follow a scalable process for preparing to negotiate with vendors, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. During

    Throughout this phase, ten essential negotiation elements are identified and reviewed.

    • Implement Your Negotiation Strategy More Effectively – Phase 1: During
    • During Negotiations Tool
    [infographic]

    Workshop: Implement Your Negotiation Strategy More Effectively

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 12 Steps to Better Negotiation Preparation

    The Purpose

    Improve negotiation skills and outcomes.

    Understand how to use the Info-Tech During Negotiations Tool.

    Key Benefits Achieved

    A better understanding of the subtleties of the negotiation process and an identification of where the negotiation strategy can go awry.

    The During Negotiation Tool will be reviewed and configured for the customer’s environment (as applicable).

    Activities

    1.1 Manage six key items during the negotiation process.

    1.2 Set the right tone and environment for the negotiation.

    1.3 Focus on improving three categories of intangibles.

    1.4 Improve communication skills to improve negotiation skills.

    1.5 Customize your negotiation approach to interact with different personality traits and styles.

    1.6 Maximize the value of your discussions by focusing on seven components.

    1.7 Understand the value of impasses and deadlocks and how to work through them.

    1.8 Use concessions as part of your negotiation strategy.

    1.9 Identify and defeat common vendor negotiation ploys.

    1.10 Review progress and determine next steps.

    Outputs

    Sample negotiation ground rules

    Sample vendor negotiation ploys

    Sample discussion questions and evaluation matrix

    Build an Application Department Strategy

    • Buy Link or Shortcode: {j2store}180|cart{/j2store}
    • member rating overall impact (scale of 10): 9.2/10 Overall Impact
    • member rating average dollars saved: $220,866 Average $ Saved
    • member rating average days saved: 34 Average Days Saved
    • Parent Category Name: Architecture & Strategy
    • Parent Category Link: /architecture-and-strategy
    • Application delivery has modernized. There are increasing expectations on departments to deliver on organizational and product objectives with increasing velocity.
    • Application departments produce many diverse, divergent products, applications, and services with expectations of frequent updates and changes based on rapidly changing landscapes

    Our Advice

    Critical Insight

    • There is no such thing as a universal “applications department.” Unlike other domains of IT, there are no widely accepted frameworks that clearly outline universal best practices of application delivery and management.
    • Different software needs and delivery orientations demand a tailored structure and set of processes, especially when managing a mixed portfolio or multiple delivery methods.

    Impact and Result

    Understand what your department’s purpose is through articulating its strategy in three steps:

    • Determining your application department’s values, principles, and orientation.
    • Laying out the goals, objectives, metrics, and priorities of the department.
    • Building a communication plan to communicate your overall department strategy.

    Build an Application Department Strategy Research & Tools

    Start here – read the Executive Brief

    Read our concise Executive Brief to find out why you should build an application department strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

    Besides the small introduction, subscribers and consulting clients within this management domain have access to:

    1. Take stock of who you are

    Consider and record your department’s values, principles, orientation, and capabilities.

    • Build an Application Department Strategy – Phase 1: Take Stock of Who You Are
    • Application Department Strategy Supporting Workbook

    2. Articulate your strategy

    Define your department’s strategy through your understanding of your department combined with everything that you do and are working to do.

    • Build an Application Department Strategy – Phase 2: Articulate Your Strategy
    • Application Department Strategy Template

    3. Communicate your strategy

    Communicate your department’s strategy to your key stakeholders.

    • Build an Application Department Strategy – Phase 3: Communicate Your Strategy

    Infographic

    Workshop: Build an Application Department Strategy

    Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

    1 Take Stock of Who You Are

    The Purpose

    Understand what makes up your application department beyond the applications and services provided.

    Key Benefits Achieved

    Articulating your guiding principles, values, capabilities, and orientation provides a foundation for expressing your department strategy.

    Activities

    1.1 Identify your team’s values and guiding principles.

    1.2 Define your department’s orientation.

    Outputs

    A summary of your department’s values and guiding principles

    A clear view of your department’s orientation and supporting capabilities

    2 Articulate Your Strategy

    The Purpose

    Lay out all the details that make up your application department strategy.

    Key Benefits Achieved

    A completed application department strategy canvas containing everything you need to communicate your strategy.

    Activities

    2.1 Write your application department vision statement.

    2.2 Define your application department goals and metrics.

    2.3 Specify your department capabilities and orientation.

    2.4 Prioritize what is most important to your department.

    Outputs

    Your department vision

    Your department’s goals and metrics that contribute to achieving your department’s vision

    Your department’s capabilities and orientation

    A prioritized roadmap for your department

    3 Communicate Your Strategy

    The Purpose

    Lay out your strategy’s communication plan.

    Key Benefits Achieved

    Your application department strategy presentation ready to be presented to your stakeholders.

    Activities

    3.1 Identify your stakeholders.

    3.2 Develop a communication plan.

    3.3 Wrap-up and next steps

    Outputs

    List of prioritized stakeholders you want to communicate with

    A plan for what to communicate to each stakeholder

    Communication is only the first step – what comes next?